X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/1b6e24cdaae9bf6bf6a990fe9227cb50f5d29d92..bc04734cdf01d9b2ac8a9b9558c4782e61086821:/page.php
diff --git a/page.php b/page.php
index 12e0690..dee5ee0 100644
--- a/page.php
+++ b/page.php
@@ -159,6 +159,12 @@ if ($PageAccess = $Article->restricted) {
 
 # prepare page contents
 
+header(sprintf('Content-Security-Policy: %s', implode('; ', [
+ "default-src 'self' 'unsafe-inline' http://cdn.ckeditor.com", # some overrides remain
+ "img-src 'self' data: http://cdn.ckeditor.com", # inline svg (in css)
+ "frame-ancestors 'none'", # prevent malicious embedding
+])));
+
 ob_start(); # page body
 $Place = [
 'user' => $User ? $User->login : '',
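Review bot: The `default-src` entry carries `'unsafe-inline'` and the policy sets no `script-src`, so inline scripts and event-handler attributes stay allowed and the header does little against injected markup. Both the `default-src` and `img-src` lists also name the CDN as `http://cdn.ckeditor.com`, so editor code can load over cleartext where it can be altered in transit, and it would be blocked as mixed content if the page is served over HTTPS. I would scope the exception and use the TLS origin, e.g. `"default-src 'self' https://cdn.ckeditor.com",` plus `"style-src 'self' 'unsafe-inline' https://cdn.ckeditor.com",`, adding `'unsafe-inline'` to an explicit `script-src` only if inline scripts are still required, which the "some overrides remain" comment suggests may be the case. `base-uri` and `form-action` do not fall back to `default-src`, so restricting both to `'self'` next to `frame-ancestors` would close that gap. Whether any output is sent before this `header()` call is not visible from the hunk.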