Improve CSP

2020-10-20 00:57:26 +02:00 · 2020-10-20 00:57:26 +02:00 · 4bcf9566ad
parent e97573922d
commit 4bcf9566ad
1 changed files with 3 additions and 0 deletions
--- a/classes/CspMiddleware.php
+++ b/classes/CspMiddleware.php
@ -39,6 +39,9 @@ class CspMiddleware
        $csp->addDirective('default-src', [])
            ->addDirective('font-src', ['self' => true])
            ->addDirective('style-src', ['self' => true])
+            ->addDirective('form-action', ['self' => true])
+            ->addDirective('base-uri', [])
+            ->addDirective('frame-ancestors', [])
            ->addSource('img-src', '*');

        if ($this->config->debug) {