merge conflict

author: Mario <mario@mariovavti.com> 2021-03-04 08:17:07 +0000
committer: Mario <mario@mariovavti.com> 2021-03-04 08:17:07 +0000
commit: 129f8107d317df190b73ce18945c50ddc27d2969 (patch)
tree: f36b37b759bb3fd033202a2b5e50a3bca15f0485 /boot.php
parent: 9389abdb757d5cb5b4b4322260e86c47d11ff043 (diff)
parent: cb0199603908e617e10a4d8ba8ec569a59178e6b (diff)
download: volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.tar.gz
volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.tar.bz2
volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.zip
1 files changed, 6 insertions, 4 deletions
diff --git a/boot.php b/boot.php
index 28ca02f84..82ebea71a 100644
--- a/boot.php
+++ b/boot.php
@@ -2423,10 +2423,12 @@ function construct_page() {
 		header("Strict-Transport-Security: max-age=31536000");
 
 	if(isset(App::$config['system']['content_security_policy'])) {
-		$cspsettings = Array (
-			'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"),
-			'style-src' => Array ("'self'","'unsafe-inline'")
-		);
+		$cspsettings = [
+			'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ],
+			'style-src'  => [ "'self'", "'unsafe-inline'" ],
+			'frame-src'  => [ "'self'" ]
+		];
+
 		call_hooks('content_security_policy',$cspsettings);
 
 		// Legitimate CSP directives (cxref: https://content-security-policy.com/)
author	Mario <mario@mariovavti.com>	2021-03-04 08:17:07 +0000
committer	Mario <mario@mariovavti.com>	2021-03-04 08:17:07 +0000
commit	129f8107d317df190b73ce18945c50ddc27d2969 (patch)
tree	f36b37b759bb3fd033202a2b5e50a3bca15f0485 /boot.php
parent	9389abdb757d5cb5b4b4322260e86c47d11ff043 (diff)
parent	cb0199603908e617e10a4d8ba8ec569a59178e6b (diff)
download	volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.tar.gz volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.tar.bz2 volse-hubzilla-129f8107d317df190b73ce18945c50ddc27d2969.zip