From 29f7a9a3a31f33b27baced0d3724f0028a327177 Mon Sep 17 00:00:00 2001
From: niladic <git@nil.choron.cc>
Date: Sun, 27 Aug 2023 20:24:56 +0200
Subject: [PATCH] Ajoute frame-src pour les statistiques (#1813)

---
 conf/application.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conf/application.conf b/conf/application.conf
index 46aee3bc..5b040a32 100644
--- a/conf/application.conf
+++ b/conf/application.conf
@@ -43,7 +43,7 @@ play.filters.csp {
     style-src = "'self' 'unsafe-inline' stats.data.gouv.fr"
     # "img-src data:" needed for MDL (image are loaded by JS)
     img-src = "'self' data: stats.data.gouv.fr"
-    frame-src = "'self' https://www.dailymotion.com"
+    frame-src = "'self' *.aplus.beta.gouv.fr https://www.dailymotion.com"
     font-src = "'self'"
     connect-src = "'self' https://stats.data.gouv.fr"
     frame-ancestors = "'self'"