From 59984553fc50cdc2f88aeab61a321d00471ce15f Mon Sep 17 00:00:00 2001
From: Fabrice Gangler <fabrice.gangler@adullact.org>
Date: Mon, 21 Feb 2022 23:54:18 +0000
Subject: [PATCH] CHORE(CSP): add report-uri to catch CSP violation

---
 .gitlab/ci/build_additional_files/.htaccess | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab/ci/build_additional_files/.htaccess b/.gitlab/ci/build_additional_files/.htaccess
index be0bc565..b439f796 100644
--- a/.gitlab/ci/build_additional_files/.htaccess
+++ b/.gitlab/ci/build_additional_files/.htaccess
@@ -59,7 +59,7 @@ ErrorDocument 404 /404.html
     Header always set Strict-Transport-Security: max-age=15768000
 
     ## Content-Security-Policy (CSP)
-    Header set Content-Security-Policy "default-src 'none'; style-src 'self'; img-src 'self' https://statistiques.adullact.org ; script-src 'self' https://statistiques.adullact.org 'sha256-Oj7byVaFtnTXnxkJUhS8WcENCO4gmFgzKQ47r9DQhcU='; base-uri 'self'; connect-src 'self'; font-src 'self'; form-action 'self'; manifest-src 'self'; media-src 'self'; object-src 'none'; worker-src 'none'; frame-src 'none'; frame-ancestors 'none';"
+    Header set Content-Security-Policy "default-src 'none'; style-src 'self'; img-src 'self' https://statistiques.adullact.org ; script-src 'self' https://statistiques.adullact.org 'sha256-Oj7byVaFtnTXnxkJUhS8WcENCO4gmFgzKQ47r9DQhcU='; base-uri 'self'; connect-src 'self'; font-src 'self'; form-action 'self'; manifest-src 'self'; media-src 'self'; object-src 'none'; worker-src 'none'; frame-src 'none'; frame-ancestors 'none'; report-uri https://c2680d76820a734f351b76296ae60321.report-uri.com/r/d/csp/enforce;"
 </ifModule>
 
 ######################################################################################
-- 
GitLab