From b1b46556beae7a7da19b99205f6948ab9ad344a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 21 Dec 2022 09:17:07 +0100 Subject: [PATCH] fix stickler --- htdocs/admin/system/security.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index f2f60af751f..dd21524e7c2 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -574,7 +574,8 @@ print '
'; print 'MAIN_SECURITY_FORCERP = '.getDolGlobalString('MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\" so browser doesn't send any referrer when going into another web site domain)
"; print '
'; -print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
"; +print 'WEBSITE_MAIN_SECURITY_FORCECSP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP', ''.$langs->trans("Undefined").''); +print '   ('.$langs->trans("Example").": \"frame-ancestors 'self'; default-src 'self'; style-src https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src *;\")
"; print '
'; print 'WEBSITE_MAIN_SECURITY_FORCERP = '.getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")
";