From 0932860a71414858edc28b19a85c6102ec1c7f28 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Thu, 3 May 2018 12:47:20 +0200
Subject: [PATCH] We have bootstrap from apps.fp.o :(

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/pagure/frontend/templates/securityheaders.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/pagure/frontend/templates/securityheaders.conf b/roles/pagure/frontend/templates/securityheaders.conf
index 1c126916dc..03cd39a2a1 100644
--- a/roles/pagure/frontend/templates/securityheaders.conf
+++ b/roles/pagure/frontend/templates/securityheaders.conf
@@ -2,4 +2,4 @@ Header always set X-Frame-Options "ALLOW-FROM https://pagure.io/"
 Header always set X-Xss-Protection "1; mode=block"
 Header always set X-Content-Type-Options "nosniff"
 Header always set Referrer-Policy "same-origin"
-Header always set Content-Security-Policy "default-src https:; script-src 'self' 'unsafe-inline'"
+Header always set Content-Security-Policy "default-src https:; script-src 'self' 'unsafe-inline' https://apps.fedoraproject.org"