From fb15864da9fe63415214a5a7e9d0160fc6b52f29 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk
Date: Jul 20 2017 08:01:28 +0000
Subject: Add default very strict Content Security Policy

Signed-off-by: Patrick Uiterwijk
---
diff --git a/templates/install/ipsilon.conf b/templates/install/ipsilon.conf
index 6388619..fc900de 100644
--- a/templates/install/ipsilon.conf
+++ b/templates/install/ipsilon.conf
@@ -21,3 +21,11 @@ tools.sessions.path = "${instanceurl}"
 tools.sessions.timeout = ${session_timeout}
 tools.sessions.httponly = ${secure}
 tools.sessions.secure = ${secure}
+
+# Content Security Policy compatible with default theme
+csp.default-src = "'none'"
+csp.script-src = "'self'"
+csp.style-src = "'self'"
+csp.img-src = "'self'"
+csp.font-src = "'self'"
+csp.form-action = "'self'"
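Review bot: The new default policy sets no `frame-ancestors` or `base-uri`, and neither directive falls back to `default-src 'none'`, so on its own this policy leaves framing of the login pages and `<base>` tag injection unrestricted. Since `form-action`, which also has no fallback, is already listed explicitly, I would add `csp.frame-ancestors = "'none'"` and `csp.base-uri = "'self'"` after it, assuming the `csp.<directive>` keys map one-to-one onto policy directives as the existing lines suggest. If framing is already blocked by an X-Frame-Options header set elsewhere, a short comment saying so next to the policy would help the next reader. The comment above the block could also state that themes using inline scripts or styles, or assets from other hosts, have to extend these values rather than remove them.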