From 1fd7c6465be2983e99bc82afc6d02c9f1c52f5c0 Mon Sep 17 00:00:00 2001
From: Scott Koranda <skoranda@gmail.com>
Date: Fri, 29 Sep 2023 05:50:24 -0500
Subject: [PATCH] container add CSP headers to Apache config (CO-2705)

---
 container/registry/base/comanage_utils.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/container/registry/base/comanage_utils.sh b/container/registry/base/comanage_utils.sh
index 7678b29c5..aa70c2241 100644
--- a/container/registry/base/comanage_utils.sh
+++ b/container/registry/base/comanage_utils.sh
@@ -1168,6 +1168,8 @@ ServerName ${COMANAGE_REGISTRY_VIRTUAL_HOST_SCHEME:-http}://${COMANAGE_REGISTRY_
 UseCanonicalName On
 UseCanonicalPhysicalPort On
 
+Header set Content-Security-Policy "frame-ancestors 'self';"
+
 EOF
 }
 
@@ -1195,6 +1197,7 @@ UseCanonicalName On
 UseCanonicalPhysicalPort On
 
 Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
+Header set Content-Security-Policy "frame-ancestors 'self';"
 
 SSLEngine on
 SSLProtocol all -SSLv2 -SSLv3