Set frame-ancestors to none if none are filled
frame-ancestors doesn't fall back to default-src. So when we apply a
very restricted CSP we should make sure to set it to 'none' and not
leave it empty.
Signed-off-by: 
Roeland Jago Douma <roeland@famdouma.nl>
Showing
- build/integration/sharing_features/sharing-v1.feature 1 addition, 1 deletionbuild/integration/sharing_features/sharing-v1.feature
- lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php 2 additions, 0 deletionslib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
- tests/lib/AppFramework/Controller/ControllerTest.php 1 addition, 1 deletiontests/lib/AppFramework/Controller/ControllerTest.php
- tests/lib/AppFramework/Http/DataResponseTest.php 1 addition, 1 deletiontests/lib/AppFramework/Http/DataResponseTest.php
- tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php 57 additions, 57 deletions.../lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
- tests/lib/AppFramework/Http/ResponseTest.php 1 addition, 1 deletiontests/lib/AppFramework/Http/ResponseTest.php
Loading
Please register or sign in to comment