From 1ab5c3fe8058ea86f72281d56704e07572ee74cd Mon Sep 17 00:00:00 2001
From: Laura Gorzitze <laura.gorzitze@cloudogu.com>
Date: Mon, 4 Mar 2024 14:50:39 +0100
Subject: [PATCH] Adjust security headers to allow pdf rendering

---
 .../src/main/java/sonia/scm/filter/SecurityHeadersFilter.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scm-webapp/src/main/java/sonia/scm/filter/SecurityHeadersFilter.java b/scm-webapp/src/main/java/sonia/scm/filter/SecurityHeadersFilter.java
index ba348b67f6..67689a925c 100644
--- a/scm-webapp/src/main/java/sonia/scm/filter/SecurityHeadersFilter.java
+++ b/scm-webapp/src/main/java/sonia/scm/filter/SecurityHeadersFilter.java
@@ -42,8 +42,8 @@ public class SecurityHeadersFilter extends HttpFilter {
     response.setHeader("X-Content-Type-Options", "nosniff");
     response.setHeader("Content-Security-Policy",
         "form-action 'self'; " +
-        "object-src 'none'; " +
-        "frame-ancestors 'none'; " +
+        "object-src 'self'; " +
+        "frame-ancestors 'self'; " +
         "block-all-mixed-content"
     );
     response.setHeader("Permissions-Policy",