loleaflet: Add Content Security Policy

Change-Id: I450e0c9fb24d114af35ba9c503d3940ab30a4f4e
author: Pranav Kant <pranavk@collabora.co.uk> 2017-04-06 23:49:56 +0530
committer: Jan Holesovsky <kendy@collabora.com> 2017-04-07 16:32:50 +0200
commit: 79e9141ad9d6f74bb4bf868ad93b07488b3e5d15 (patch)
tree: e4335e24c0da731e6a5140d044d0c9399c593bb0 /loleaflet
parent: 6e85a2a142e12dd97dc789f33f042da6c58b3249 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/loleaflet/dist/loleaflet.html b/loleaflet/dist/loleaflet.html
index d8de0bb32..0772bee10 100644
--- a/loleaflet/dist/loleaflet.html
+++ b/loleaflet/dist/loleaflet.html
@@ -3,7 +3,13 @@
 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 <title>Online Editor</title>
 <meta charset="utf-8">
-
+<meta http-equiv="Content-Security-Policy" content="default-src 'none';
+						    frame-src blob:;
+						    connect-src 'self' %HOST%;
+						    script-src 'self' 'unsafe-inline';
+						    style-src 'self' 'unsafe-inline';
+						    font-src 'self' data:;
+						    img-src 'self' data:;">
 <meta name="viewport" content="width=device-width, initial-scale=1.0">
 
 <script>
author	Pranav Kant <pranavk@collabora.co.uk>	2017-04-06 23:49:56 +0530
committer	Jan Holesovsky <kendy@collabora.com>	2017-04-07 16:32:50 +0200
commit	79e9141ad9d6f74bb4bf868ad93b07488b3e5d15 (patch)
tree	e4335e24c0da731e6a5140d044d0c9399c593bb0 /loleaflet
parent	6e85a2a142e12dd97dc789f33f042da6c58b3249 (diff)