- 'always set X-XSS-Protection "1; mode=block"'
- 'always set X-Frame-Options "SAMEORIGIN"'
- 'always set X-Content-Type-Options "nosniff"'
- - "set Content-Security-Policy: \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;"
+ - "set Content-Security-Policy: \"default-src 'self' 'unsafe-eval' 'unsafe-inline' ; style-src 'self' https://webfonts.sparkasse.de 'unsafe-inline' ; font-src 'self' data: https://webfonts.sparkasse.de ; img-src 'self' data: ;\""
setenvif:
- 'HTTPS on X-Forwarded-Proto=https'
- 'HTTPS on HTTPS=on'
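Review bot: The repaired Content-Security-Policy entry uses plain `set` while the three header entries above it use `always set`. If these strings are rendered into Apache `Header` directives, the policy would be absent from error and other non-success responses, so `always set Content-Security-Policy ...` would be consistent with its siblings. The policy value also keeps `'unsafe-inline'` and `'unsafe-eval'` in `default-src`, which leaves script execution largely unrestricted. An explicit `script-src 'self'` (with nonces or hashes where inline script is really needed) would let the header mitigate injected script. A one-line comment such as `# webfonts origin and data: are needed for the hosted font CSS` above the entry would record why those sources are allowed. The list this entry belongs to starts above the visible lines, so its key and any templating around it could not be checked.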