From a5b81ce36a73530e806f984f94fe91fdb89a437a Mon Sep 17 00:00:00 2001
From: Jeroen De Meerleer <me@jeroened.be>
Date: Wed, 2 Feb 2022 13:16:17 +0100
Subject: [PATCH] Added referer policy

---
 lib/Framework/Router.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/Framework/Router.php b/lib/Framework/Router.php
index c19c73b..7b9e39b 100644
--- a/lib/Framework/Router.php
+++ b/lib/Framework/Router.php
@@ -34,7 +34,8 @@ class Router
 
         if ($response instanceof Response) {
             $response->headers->add([
-                "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; form-action 'self'; require-trusted-types-for 'script'; frame-ancestors 'none'; base-uri 'none'"
+                "Content-Security-Policy" => "default-src 'none'; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self'; img-src 'self' data:; form-action 'self'; require-trusted-types-for 'script'; frame-ancestors 'none'; base-uri 'none'",
+                "Referrer-Policy" => "same-origin"
                 ]);
             return $response;
         } else {