Move default-src CSP rule to ClassProvider

It was impossible to override the default-src CSP rule inside a plugin. This commit fixes this limitation by moving the assignation of the rule from Response class to ClassProvider.
author: Marien Fressinaud <dev@marienfressinaud.fr> 2016-01-23 18:47:47 +0100
committer: Marien Fressinaud <dev@marienfressinaud.fr> 2016-01-23 18:47:47 +0100
commit: 8baa417ecef452ad033cb43b555835e0c3d7397a (patch)
tree: dc6e55c899685e6c568727d98cbac277561f869f /app/ServiceProvider/ClassProvider.php
parent: cc93b869916fe34e38c4f49f317abf7c2b8e8f2a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/app/ServiceProvider/ClassProvider.php b/app/ServiceProvider/ClassProvider.php
index c56c9259..df4e183b 100644
--- a/app/ServiceProvider/ClassProvider.php
+++ b/app/ServiceProvider/ClassProvider.php
@@ -168,6 +168,7 @@ class ClassProvider implements ServiceProviderInterface
         };
 
         $container['cspRules'] = array(
+            'default-src' => "'self'",
             'style-src' => "'self' 'unsafe-inline'",
             'img-src' => '* data:',
         );
author	Marien Fressinaud <dev@marienfressinaud.fr>	2016-01-23 18:47:47 +0100
committer	Marien Fressinaud <dev@marienfressinaud.fr>	2016-01-23 18:47:47 +0100
commit	8baa417ecef452ad033cb43b555835e0c3d7397a (patch)
tree	dc6e55c899685e6c568727d98cbac277561f869f /app/ServiceProvider/ClassProvider.php
parent	cc93b869916fe34e38c4f49f317abf7c2b8e8f2a (diff)