Browse Source
Add CSP header to static resources
Fixes https://github.com/owncloud/core/issues/16164tags/v9.0beta1
Lukas Reschke
8 years ago
1 changed files with 4 additions and 0 deletions
+ 4
- 0
.htaccess
View File
| @@ -14,6 +14,10 @@ | |||
| Header set X-Robots-Tag "none" | |||
| Header set X-Frame-Options "SAMEORIGIN" | |||
| SetEnv modHeadersAvailable true | |||
| # Add CSP header if not set, used for static resources | |||
| Header append Content-Security-Policy "" | |||
| Header edit Content-Security-Policy "^$" "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self'" | |||
| </IfModule> | |||
| # Add cache control for CSS and JS files | |||
Loading…