From ab0471c78eda1f398ed1e8c892999fc7766265ae Mon Sep 17 00:00:00 2001
From: Luca Bognolo <git@bogny.eu>
Date: Thu, 3 Jan 2019 00:21:21 +0100
Subject: [PATCH] Fixed missing CSP directive and value

Signed-off-by: Luca Bognolo <git@bogny.eu>
---
 app/Http/Middleware/SecureHeaders.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/Http/Middleware/SecureHeaders.php b/app/Http/Middleware/SecureHeaders.php
index 82c7698769..a245eb5d6c 100644
--- a/app/Http/Middleware/SecureHeaders.php
+++ b/app/Http/Middleware/SecureHeaders.php
@@ -55,9 +55,10 @@ class SecureHeaders
             "style-src 'self' 'unsafe-inline'",
             "base-uri 'self'",
             "form-action 'self'",
-            "font-src 'self'",
+            "font-src 'self' data: https://fonts.gstatic.com",
             "connect-src 'self'",
             "img-src 'self' data: https://api.tiles.mapbox.com",
+            "manifest-src 'self'",
         ];
 
         $featurePolicies = [