From d435e0a5b0e07c145f929457313d8d7738f42b14 Mon Sep 17 00:00:00 2001
From: Dylan William Hardison <dylan@hardison.net>
Date: Wed, 21 Feb 2018 13:59:53 -0500
Subject: Bug 1439797 - Enable reporting-only CSP by default

---
 Bugzilla/CGI/ContentSecurityPolicy.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'Bugzilla/CGI/ContentSecurityPolicy.pm')

diff --git a/Bugzilla/CGI/ContentSecurityPolicy.pm b/Bugzilla/CGI/ContentSecurityPolicy.pm
index 88f2732bc..50a399cdc 100644
--- a/Bugzilla/CGI/ContentSecurityPolicy.pm
+++ b/Bugzilla/CGI/ContentSecurityPolicy.pm
@@ -34,10 +34,10 @@ my $REFERRER_KEYWORD = enum [qw(
 
 my @ALL_BOOL = qw( sandbox upgrade_insecure_requests );
 my @ALL_SRC = qw(
-    default_src child_src  connect_src
+    default_src worker_src  connect_src
     font_src    img_src    media_src
     object_src  script_src style_src
-    frame_ancestors form_action
+    frame_src frame_ancestors form_action
 );
 
 has \@ALL_SRC     => ( is => 'ro', isa => $SOURCE_LIST, predicate => 1 );
-- 
cgit v1.2.3-24-g4f1b