From 96a1b2a496590acf328344943a554c8a2732b3af Mon Sep 17 00:00:00 2001
From: sambufe <samuel.bufe@publicispixelpark.de>
Date: Fri, 10 Mar 2017 13:46:37 +0100
Subject: [PATCH] set csp header on dev orat

---
 .../fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml b/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml
index 4483ddf9..1b755a83 100644
--- a/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml
+++ b/customer/fbb-orat/dev01-orat-berlin-airport-de.pixelpark.net.yaml
@@ -46,6 +46,8 @@ site::profile::wordpress::projects:
           - '%%{ich-trickse}{HTTPS} !=on'
         rewrite_rule:
           - ^(.*)$ https://%%{ich-trickse}{HTTP_HOST}$1 [R=301,L]
+    headers:
+      - "set Content-Security-Policy: \"default-src 'self' *.google-analytics.com *.facebook.com www.google.com www.youtube.com *.doubleclick.net; img-src 'self' *.fbcdn.net secure.gravatar.com data:; font-src 'self' fonts.gstatic.com data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.addthis.com *.addthisedge.com; child-src 'self'; frame-ancestors 'self';default-src 'self' *.google-analytics.com *.facebook.com www.google.com www.youtube.com *.doubleclick.net; img-src 'self' *.fbcdn.net secure.gravatar.com data:; font-src 'self' fonts.gstatic.com data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.addthis.com *.addthisedge.com; child-src 'self'; frame-ancestors 'self';\""
 
 #orat db user password
 db_password: ENC[PKCS7,MIIBiQYJKoZIhvcNAQcDoIIBejCCAXYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAf1uHte9Li7dFlFGS/DIWd4eBvrzTZCziWALTIv3mMq5x6Ym7vdmp8QIJNN9v/gPPnlRv9wav0iKxOo/rFfe/fv+qKgc1VXdc39wFPHO1cTvSBp/ra/5qoTfuoJsjgo97C5vrRzLqY6X4W4fjHwWdUQeKVaB0BrbexOgII0FzYPdCFKCpkbP8TKs6Yd16IUxhLC8aKW/b8VEn1TWHZ1Ulr/+6WPEdoSa5HzuWT6J9C9cKvSoqA9ZmaNmQYB4kcBjvu9g52scIaxG8AKWS5dcSK5yOiusCCeMGShxfx2qAMGHgI4ICPxvR9xes9mBiLsZdqH7ei9n+15fkBFxJvOdDkjBMBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBAR7PgSN/JuTkP2O9o9psoVgCCIhd/wB7KKeWAq7yDnqEmlMer1QdCZElj01jUz6HrOtQ==]
-- 
2.39.5