From 0217644b48d23b499e6590829e67348386cb9614 Mon Sep 17 00:00:00 2001
From: sakkiii <11132948+sakkiii@users.noreply.github.com>
Date: Fri, 18 Jun 2021 23:27:23 +0530
Subject: [PATCH] Content-Security-Policy For Element Web

https://github.com/vector-im/element-web#configuration-best-practices
---
 .../templates/nginx/conf.d/matrix-client-element.conf.j2         | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2
index ee23cdfe3..17e8f131e 100644
--- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2
+++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-client-element.conf.j2
@@ -12,6 +12,7 @@
 	add_header X-Content-Type-Options nosniff;
 	add_header X-XSS-Protection "{{ matrix_nginx_proxy_xss_protection }}";
 	add_header X-Frame-Options SAMEORIGIN;
+	add_header Content-Security-Policy "frame-ancestors 'none'";
 
 	{% if matrix_nginx_proxy_floc_optout_enabled %}
 		add_header Permissions-Policy interest-cohort=() always;