aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php9
1 files changed, 5 insertions, 4 deletions
diff --git a/boot.php b/boot.php
index 4c3e4c00b..38269ddb6 100644
--- a/boot.php
+++ b/boot.php
@@ -2419,10 +2419,11 @@ function construct_page() {
header("Strict-Transport-Security: max-age=31536000");
if(App::$config['system']['content_security_policy']) {
- $cspsettings = Array (
- 'script-src' => Array ("'self'","'unsafe-inline'","'unsafe-eval'"),
- 'style-src' => Array ("'self'","'unsafe-inline'")
- );
+ $cspsettings = [
+ 'script-src' => [ "'self'", "'unsafe-inline'", "'unsafe-eval'" ],
+ 'style-src' => [ "'self'", "'unsafe-inline'" ],
+ 'frame-src' => [ "'self'" ]
+ ];
call_hooks('content_security_policy',$cspsettings);
// Legitimate CSP directives (cxref: https://content-security-policy.com/)