From 9f645d0934e767e83e04a6f744985ad2886fb77e Mon Sep 17 00:00:00 2001
From: ErickSkrauch
Date: Tue, 26 Nov 2019 22:47:22 +0300
Subject: [PATCH] Add CSP header
---
 docker/nginx/account.ely.by.conf.template | 1 +
 1 file changed, 1 insertion(+)
diff --git a/docker/nginx/account.ely.by.conf.template b/docker/nginx/account.ely.by.conf.template
index be254c3..4accae3 100644
--- a/docker/nginx/account.ely.by.conf.template
+++ b/docker/nginx/account.ely.by.conf.template
@@ -10,6 +10,7 @@ server {
 add_header X-Frame-Options "sameorigin" always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header X-Content-Type-Options "nosniff" always;
+ add_header Content-Security-Policy "default-src 'none';style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' https://www.google-analytics.com https://recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/;img-src 'self' data: www.google-analytics.com;font-src 'self' data:;connect-src 'self' https://sentry.io https://sentry.ely.by;frame-src https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/";
 # You can uncomment the next lines to enable debug mode
 # rewrite_log on;
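Review bot: The added `add_header Content-Security-Policy` line has no `always` flag, unlike the three headers above it, so nginx will omit the policy from error responses (by default it attaches headers only to a fixed set of 2xx/3xx status codes); end the directive with `https://recaptcha.net/recaptcha/" always;`. `script-src` also allows `'unsafe-inline'`, which lets any injected inline script run and so removes most of the XSS protection the policy is meant to add; a nonce or hash for the inline scripts that are actually needed would keep that protection. `default-src 'none'` does not act as a fallback for `base-uri`, `form-action` or `frame-ancestors`, so consider listing them explicitly, e.g. `base-uri 'self';form-action 'self';frame-ancestors 'self'`, after confirming that no form posts to another origin. The `server` block starts and continues outside this hunk, so it cannot be checked from here whether a nested `location` with its own `add_header` would drop these server-level headers.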