From b7782fb80628493f962fae0eda7d013dcf5a6b17 Mon Sep 17 00:00:00 2001
From: Fabian Henneke <FabianHenneke@users.noreply.github.com>
Date: Fri, 3 May 2019 09:08:22 +0200
Subject: [PATCH] Set an explicit, stricter CSP (#144)

---
 src/manifest-chromium.json | 1 +
 src/manifest-firefox.json  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/src/manifest-chromium.json b/src/manifest-chromium.json
index b54aa41..f54257f 100644
--- a/src/manifest-chromium.json
+++ b/src/manifest-chromium.json
@@ -38,6 +38,7 @@
         "http://*/*",
         "https://*/*"
     ],
+    "content_security_policy": "default-src 'none'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'",
     "commands": {
         "_execute_browser_action": {
             "suggested_key": {
diff --git a/src/manifest-firefox.json b/src/manifest-firefox.json
index a79c61f..a25ce99 100644
--- a/src/manifest-firefox.json
+++ b/src/manifest-firefox.json
@@ -35,6 +35,7 @@
         "http://*/*",
         "https://*/*"
     ],
+    "content_security_policy": "default-src 'none'; font-src 'self'; img-src 'self'; script-src 'self'; style-src 'self'",
     "applications": {
         "gecko": {
             "id": "browserpass@maximbaz.com",