# HG changeset patch # User IBBoard # Date 1559155951 -3600 # Node ID 1901cf7bac5548381fd3efb9d72d4f7bfdf7b16b # Parent 6813609829e30bf5df04bba40494b06f3de0b37a Increase the security for the common CSP headers diff -r 6813609829e3 -r 1901cf7bac55 modules/website/files/zzz-0-custom.conf --- a/modules/website/files/zzz-0-custom.conf Wed May 29 19:51:42 2019 +0100 +++ b/modules/website/files/zzz-0-custom.conf Wed May 29 19:52:31 2019 +0100 @@ -91,6 +91,6 @@ Header always set Referrer-Policy "no-referrer-when-downgrade" Header always set Expect-CT "max-age=0, report-uri='https://ibboard.report-uri.io/r/default/ct/reportOnly'" -Header always set Content-Security-Policy "upgrade-insecure-requests" +Header always set Content-Security-Policy "upgrade-insecure-requests; frame-ancestors 'none'; base-uri 'none'" Header always set Content-Security-Policy-Report-Only "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'" #; report-uri https://ibboard.report-uri.com/r/d/csp/reportOnly" \ No newline at end of file
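Review bot: On the changed Content-Security-Policy line, frame-ancestors 'none' and base-uri 'none' go straight into the enforced header of the common config, without first being trialled on the Content-Security-Policy-Report-Only line below it. frame-ancestors 'none' blocks all framing of these pages, same-origin included, and base-uri 'none' rejects any <base> element, so a site that frames its own pages or sets <base href> would break as soon as this is deployed. Suggest either stating in the commit message that no site served by this file does so, or using 'self' for both directives where that is enough. The report-uri on the Report-Only line sits after a # following the closing quote, so a trial there would only produce reports once that endpoint is part of the header value again.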