From 0992980dbdcfb9505e39689f3de42dc5427f8a84 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Tue, 7 May 2024 04:05:53 +0200 Subject: Setting Content-Security-Policy to "default-src https: 'self'; style-src https: 'self' 'unsafe-inline'". Signed-off-by: Daniel Baumann --- debian/apache2.postinst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'debian/apache2.postinst') diff --git a/debian/apache2.postinst b/debian/apache2.postinst index 80a1860..fb856c5 100644 --- a/debian/apache2.postinst +++ b/debian/apache2.postinst @@ -62,7 +62,8 @@ enable_default_conf() { if is_fresh_install $@ ; then for conf in charset localized-error-pages other-vhosts-access-log \ - security serve-cgi-bin ; do + security serve-cgi-bin \ + csp ; do a2enconf -m -q $conf done fi -- cgit v1.2.3