From 3a791603b825f41130028d256d58bbec105cc170 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 17:17:09 +0200
Subject: Setting Content-Security-Policy to "default-src https: 'self';
 style-src https: 'self' 'unsafe-inline'".

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 debian/apache2.postinst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'debian/apache2.postinst')

diff --git a/debian/apache2.postinst b/debian/apache2.postinst
index a980441..c9a0192 100644
--- a/debian/apache2.postinst
+++ b/debian/apache2.postinst
@@ -55,7 +55,8 @@ enable_default_conf()
 {
 	if is_fresh_install $@ ; then
 		for conf in charset localized-error-pages other-vhosts-access-log \
-				security serve-cgi-bin ; do
+				security serve-cgi-bin \
+				csp ; do
 			a2enconf -m -q $conf
 		done
 	fi
-- 
cgit v1.2.3