From 76f4bf76d29cda82264c6b716346deb706ac558e Mon Sep 17 00:00:00 2001
From: "neha.kannaujia" <neha.kannaujia@gmail.com>
Date: Mon, 11 Sep 2017 10:43:20 +0100
Subject: [PATCH] Added frame-src

---
 conf/application.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conf/application.conf b/conf/application.conf
index f9d0ce7f..0e51e923 100644
--- a/conf/application.conf
+++ b/conf/application.conf
@@ -41,7 +41,7 @@ template-amazon-s3-port = 9310
 template-amazon-s3-protocol = "http"
 
 
-play.filters.headers.contentSecurityPolicy = "default-src 'self' frame-src 'unsafe-inline' 'unsafe-eval' localhost:9310 localhost:9032 localhost:9250 'script-src' webchat-dev.tax.service.gov.uk analytics.analytics-egain.com *.analytics-egain.com stats.g.doubleclick.net assets.digital.cabinet-office.gov.uk www.google-analytics.com cdn.optimizely.com 8421482974.log.optimizely.com app.optimizely.com *.optimizely.com optimizely.s3.amazonaws.com data:"
+play.filters.headers.contentSecurityPolicy = "default-src 'self' 'frame-src' 'unsafe-inline' 'unsafe-eval' localhost:9310 localhost:9032 localhost:9250 'script-src' webchat-dev.tax.service.gov.uk analytics.analytics-egain.com *.analytics-egain.com stats.g.doubleclick.net assets.digital.cabinet-office.gov.uk www.google-analytics.com cdn.optimizely.com 8421482974.log.optimizely.com app.optimizely.com *.optimizely.com optimizely.s3.amazonaws.com data:"
 application.session.httpOnly=true
 
 metrics {