From b77ac81d6f354d602a3b97c29f94c883032956ea Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@helsinki.at>
Date: Thu, 1 Sep 2016 14:47:28 +0200
Subject: added CSP Header to Readme


diff --git a/README b/README
index 1cc687f..f0cbe29 100644
--- a/README
+++ b/README
@@ -46,6 +46,8 @@ LDAPTrustedGlobalCert CA_BASE64 /etc/ldap/ldapscert.pem
 add the following to the virtualhost config:
 
 ~~~snip~~~
+	Header always set Content-Security-Policy "default-src 'none'; connect-src 'self' wss://import.helsinki.at; img-src 'self'; script-src 'self'; style-src 'self'; font-src 'self';"
+
 	AssignUserID rduser rivendell
 
 	Include /etc/rivendell/apache-2.4.conf
-- 
cgit v0.10.2