From 137cf4cca5efd9c02d240aabd8dc079e1009db4e Mon Sep 17 00:00:00 2001
From: Harsh Shandilya <msfjarvis@gmail.com>
Date: Thu, 30 Jan 2020 19:57:21 +0530
Subject: [PATCH] Caddyfile: Setup CSP reporting

Signed-off-by: Harsh Shandilya <msfjarvis@gmail.com>
---
 Caddyfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Caddyfile b/Caddyfile
index edd9a12..4abfdef 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -7,6 +7,9 @@
         dns cloudflare
     }
     header / {
+        Content-Security-Policy "
+            report-uri https://msfjarvis.report-uri.com/r/d/csp/reportOnly;
+        "
         # Security related changes stolen from https://github.com/searx/searx-docker/blob/master/Caddyfile
         Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
         X-XSS-Protection "1; mode=block"