From: Andreas Pinto-Köhler <andreas.pinto-koehler@publicispixelpark.de>
Date: Tue, 22 Nov 2016 15:23:10 +0000 (+0100)
Subject: Added youtube as script-src dev-web-ngcc-daimler.pixelpark.net.yaml
X-Git-Tag: v0.1.0~3784^2
X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=dbb9a03793def4ac06e31a49aebf886be7a81042;p=pixelpark%2Fhiera.git

Added youtube as script-src dev-web-ngcc-daimler.pixelpark.net.yaml
---

diff --git a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
index e8cbfc3b..3d12f897 100644
--- a/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
+++ b/customer/mbvd-ngcc/dev-web-ngcc-daimler.pixelpark.net.yaml
@@ -41,8 +41,8 @@ site::profile::apache::pp_vhosts:
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: "ALLOW-FROM https://dev-cms01-ngcc-daimler.pixelpark.net"'
-      - "set Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'; media-src 'self' data:; child-src https://*.youtube.com\""
-      - "set X-Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors 'self'; media-src 'self' data:; child-src https://*.youtube.com\""
+      - "set Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com; frame-ancestors 'self'; media-src 'self' data:; child-src https://*.youtube.com\""
+      - "set X-Content-Security-Policy: \"default-src 'self'; font-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.youtube.com; frame-ancestors 'self'; media-src 'self' data:; child-src https://*.youtube.com\""
     headers_ssl:
       - 'always set Strict-Transport-Security "max-age=31556926"'
     custom_fragment: |