summaryrefslogtreecommitdiffstats
path: root/include/security_headers_middleware.hpp
diff options
context:
space:
mode:
Diffstat (limited to 'include/security_headers_middleware.hpp')
-rw-r--r--include/security_headers_middleware.hpp5
1 files changed, 2 insertions, 3 deletions
diff --git a/include/security_headers_middleware.hpp b/include/security_headers_middleware.hpp
index 04fc913..561fd81 100644
--- a/include/security_headers_middleware.hpp
+++ b/include/security_headers_middleware.hpp
@@ -18,9 +18,8 @@ static const char* xframeValue = "DENY";
static const char* xssKey = "X-XSS-Protection";
static const char* xssValue = "1; mode=block";
-static const char* contentSecurityKey = "Content-Security-Policy";
-static const char* contentSecurityValue =
- "script-src 'self'; object-src 'self'";
+static const char* contentSecurityKey = "X-Content-Security-Policy";
+static const char* contentSecurityValue = "default-src 'self'";
static const char* pragmaKey = "Pragma";
static const char* pragmaValue = "no-cache";
OpenPOWER on IntegriCloud