bkk-vbu config changes

diff --git a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
index 6d99655622213540b551c9d7e2a8d76055326f55..beaf3150c8c82155af43ca2bba684f105e9aebb1 100644 (file)
--- a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
+++ b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
@@ -48,8 +48,8 @@ site::profile::apache::pp_vhosts:
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
-      - "set Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self'; script-src 'self' webstats.pixelpark.com; frame-src 'self'; frame-ancestors 'self'\""
-      - "set X-Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self'; script-src 'self' webstats.pixelpark.com; frame-src 'self'; frame-ancestors 'self'\""
+      - "set Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\""
+      - "set X-Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' webstats.pixelpark.com; child-src 'self'; frame-ancestors 'self'\""
     headers_ssl:
       - 'always set Strict-Transport-Security "max-age=31556926"'
     custom_fragment: |