From d84cfd492ddcbf86caf6b85a8f78a88d9f429285 Mon Sep 17 00:00:00 2001
From: jordan-dr <jordan@dryrunsecurity.com>
Date: Tue, 22 Apr 2025 17:53:27 -0500
Subject: [PATCH] On main: csp-update

---
 config/initializers/content_security_policy.rb | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 config/initializers/content_security_policy.rb

diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
new file mode 100644
index 0000000..6f24d39
--- /dev/null
+++ b/config/initializers/content_security_policy.rb
@@ -0,0 +1,5 @@
+Rails.application.config.content_security_policy do |policy|
+    policy.default_src :self
+    policy.script_src :self, :https
+    policy.style_src :self
+  end
\ No newline at end of file