Bug 1439797 - Enable reporting-only CSP by default

author: Dylan William Hardison <dylan@hardison.net> 2018-02-21 19:59:53 +0100
committer: GitHub <noreply@github.com> 2018-02-21 19:59:53 +0100
commit: d435e0a5b0e07c145f929457313d8d7738f42b14 (patch)
tree: 7ed248a0637b8fcf09380658ad731a0a79cbe600 /Bugzilla/CGI
parent: c0d4e47a7b543ab406eeee414ae9baf228b43ce4 (diff)
download: bugzilla-d435e0a5b0e07c145f929457313d8d7738f42b14.tar.gz
bugzilla-d435e0a5b0e07c145f929457313d8d7738f42b14.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/Bugzilla/CGI/ContentSecurityPolicy.pm b/Bugzilla/CGI/ContentSecurityPolicy.pm
index 88f2732bc..50a399cdc 100644
--- a/Bugzilla/CGI/ContentSecurityPolicy.pm
+++ b/Bugzilla/CGI/ContentSecurityPolicy.pm
@@ -34,10 +34,10 @@ my $REFERRER_KEYWORD = enum [qw(
 
 my @ALL_BOOL = qw( sandbox upgrade_insecure_requests );
 my @ALL_SRC = qw(
-    default_src child_src  connect_src
+    default_src worker_src  connect_src
     font_src    img_src    media_src
     object_src  script_src style_src
-    frame_ancestors form_action
+    frame_src frame_ancestors form_action
 );
 
 has \@ALL_SRC     => ( is => 'ro', isa => $SOURCE_LIST, predicate => 1 );
author	Dylan William Hardison <dylan@hardison.net>	2018-02-21 19:59:53 +0100
committer	GitHub <noreply@github.com>	2018-02-21 19:59:53 +0100
commit	d435e0a5b0e07c145f929457313d8d7738f42b14 (patch)
tree	7ed248a0637b8fcf09380658ad731a0a79cbe600 /Bugzilla/CGI
parent	c0d4e47a7b543ab406eeee414ae9baf228b43ce4 (diff)
download	bugzilla-d435e0a5b0e07c145f929457313d8d7738f42b14.tar.gz bugzilla-d435e0a5b0e07c145f929457313d8d7738f42b14.tar.xz