From 093ac10f7e5c9bd40e9def573c654069e4cba1a9 Mon Sep 17 00:00:00 2001
From: Alan Pearce
Date: Sat, 9 Sep 2023 18:19:29 +0200
Subject: Add form-action and base-uri CSPs

---
 netlify.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/netlify.toml b/netlify.toml
index 422ca3b..b75399f 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -22,4 +22,4 @@ command = "zola build --base-url $DEPLOY_PRIME_URL"
     X-XSS-Protection = "1; mode=block"
     Referrer-Policy = "strict-origin-when-cross-origin"
     Strict-Transport-Security = "max-age=63072000; includeSubdomains"
-    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'none'"
+    Content-Security-Policy = "default-src 'none'; img-src 'self'; object-src 'none'; script-src 'none'; style-src 'unsafe-inline'; form-action 'none'; base-uri 'self'; frame-ancestors 'none'"
-- 
cgit 1.4.1