Remove default CSP header
This commit is contained in:
parent
a00ec4473c
commit
f5b29e8f17
@ -96,7 +96,6 @@ class HttpView extends BaseView {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$this->response = $this->response->withHeader('Content-type', "{$this->contentType};charset=utf-8")
|
$this->response = $this->response->withHeader('Content-type', "{$this->contentType};charset=utf-8")
|
||||||
->withHeader('Content-Security-Policy', "script-src 'self'")
|
|
||||||
->withHeader('X-Content-Type-Options', 'nosniff')
|
->withHeader('X-Content-Type-Options', 'nosniff')
|
||||||
->withHeader('X-XSS-Protection', '1;mode=block')
|
->withHeader('X-XSS-Protection', '1;mode=block')
|
||||||
->withHeader('X-Frame-Options', 'SAMEORIGIN');
|
->withHeader('X-Frame-Options', 'SAMEORIGIN');
|
||||||
|
Loading…
Reference in New Issue
Block a user