X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/492af79c27f089e28c76007f93fef4995eda9d94..refs/pull/3373/head:/app/Http/Middleware/ApplyCspRules.php
diff --git a/app/Http/Middleware/ApplyCspRules.php b/app/Http/Middleware/ApplyCspRules.php
index a65d12a05..9f3a8d1d8 100644
--- a/app/Http/Middleware/ApplyCspRules.php
+++ b/app/Http/Middleware/ApplyCspRules.php
@@ -8,11 +8,7 @@ use Illuminate\Http\Request;
 
 class ApplyCspRules
 {
-
- /**
- * @var CspService
- */
- protected $cspService;
+ protected CspService $cspService;
 
 public function __construct(CspService $cspService)
 {
@@ -36,12 +32,9 @@ class ApplyCspRules
 
 $response = $next($request);
 
- $this->cspService->setFrameAncestors($response);
- $this->cspService->setScriptSrc($response);
- $this->cspService->setObjectSrc($response);
- $this->cspService->setBaseUri($response);
+ $cspHeader = $this->cspService->getCspHeader();
+ $response->headers->set('Content-Security-Policy', $cspHeader, false);
 
 return $response;
 }
-
 }
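Review bot: The bare `false` passed to `$response->headers->set('Content-Security-Policy', $cspHeader, false)` in the second hunk is security-relevant and deserves a why-comment: it is the header bag's replace flag, so the policy is appended and any Content-Security-Policy already on the response is kept. I would add `// Append (replace = false): a CSP already set on this response stays in force and the browser enforces every policy it receives.` above that line. `getCspHeader()` is not visible in this diff; if it can return an empty string, an empty header would be sent, so wrapping the call in `if ($cspHeader !== '') { ... }` may be worth it. Because all four directives now come from one call, a test asserting that the response header still carries `frame-ancestors`, `script-src`, `object-src` and `base-uri` would catch a silent regression. The enclosing `handle()` method starts outside the hunk.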