kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2025-09-18 10:39:28 +00:00
Code Issues Projects Releases Wiki Activity

Add secure headers middleware.

Browse Source
This commit is contained in:
James Cole
2018-08-25 07:55:47 +02:00
parent a9590d2bb6
commit dfdbace298
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Http/Middleware/SecureHeaders.php
View File

@@ -47,7 +47,7 @@ class SecureHeaders
$response = $next($request);
$response->header('X-Frame-Options', 'deny');
//$response->header('Content-Security-Policy', "default-src 'none'; script-src 'self' 'unsafe-inline' https://www.google-analytics.com/analytics.js; style-src 'self' 'unsafe-inline';base-uri 'self';form-action 'self';font-src 'self';connect-src 'self';img-src 'self'");
$response->header('Content-Security-Policy', "default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google-analytics.com/analytics.js; style-src 'self' 'unsafe-inline';base-uri 'self';form-action 'self';font-src 'self';connect-src 'self';img-src 'self'");
return $response;
}