diff options
| author | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-08-15 14:37:17 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-08-16 18:39:35 +0100 |
| commit | 05f6e047cbce6dac05342659bd5f21ffcd88e833 (patch) | |
| tree | 6a0ac667fdcbe99d153f941dcd5b8efa387997cc /perllib/FixMyStreet/Cobrand/FixMyStreet.pm | |
| parent | bef9203e2380df25372e3f8aa7c763a72ec4aa5a (diff) | |
[fixmystreet.com] Add Content-Security-Policy.
Diffstat (limited to 'perllib/FixMyStreet/Cobrand/FixMyStreet.pm')
| -rw-r--r-- | perllib/FixMyStreet/Cobrand/FixMyStreet.pm | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/perllib/FixMyStreet/Cobrand/FixMyStreet.pm b/perllib/FixMyStreet/Cobrand/FixMyStreet.pm index b321a21c4..1fb822893 100644 --- a/perllib/FixMyStreet/Cobrand/FixMyStreet.pm +++ b/perllib/FixMyStreet/Cobrand/FixMyStreet.pm @@ -1,6 +1,8 @@ package FixMyStreet::Cobrand::FixMyStreet; use base 'FixMyStreet::Cobrand::UK'; +use mySociety::Random; + use constant COUNCIL_ID_BROMLEY => 2482; # Special extra @@ -17,6 +19,11 @@ sub path_to_email_templates { ]; } +sub add_response_headers { + my $self = shift; + my $csp_nonce = $self->{c}->stash->{csp_nonce} = unpack('h*', mySociety::Random::random_bytes(16, 1)); + $self->{c}->res->header('Content-Security-Policy', "script-src 'self' www.google-analytics.com www.googleadservices.com 'unsafe-inline' 'nonce-$csp_nonce'") +} # FixMyStreet should return all cobrands sub restriction { |