From fc84f726ae2ae2fcac6ddee3945f51b02a650ba8 Mon Sep 17 00:00:00 2001
From: Pablo Bonilla <pbonilla29@hotmail.com>
Date: Mon, 12 Jul 2021 19:40:09 -0600
Subject: [PATCH 1/5] Update index with CSP

---
 src/main/webapp/index.html | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/main/webapp/index.html b/src/main/webapp/index.html
index 1d945f6..7463d58 100644
--- a/src/main/webapp/index.html
+++ b/src/main/webapp/index.html
@@ -4,7 +4,11 @@
     <meta charset="utf-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <title>DataSurvey</title>
-    <meta name="description" content="Description for DataSurvey" />
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com/js/platform.js"
+    />
+    <meta name="description" content="Cree y complete encuestas a nivel mundial" />
     <meta name="google" content="notranslate" />
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
     <meta name="theme-color" content="#000000" />

From f8f03aa4c7fe943b1fe9fd9c9ad72f8e8e431ca9 Mon Sep 17 00:00:00 2001
From: Pablo Bonilla <pbonilla29@hotmail.com>
Date: Mon, 12 Jul 2021 20:09:33 -0600
Subject: [PATCH 2/5] Update index CSP

---
 src/main/webapp/index.html | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/main/webapp/index.html b/src/main/webapp/index.html
index 7463d58..5d4a886 100644
--- a/src/main/webapp/index.html
+++ b/src/main/webapp/index.html
@@ -4,10 +4,7 @@
     <meta charset="utf-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <title>DataSurvey</title>
-    <meta
-      http-equiv="Content-Security-Policy"
-      content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://apis.google.com/js/platform.js"
-    />
+    <meta http-equiv="Content-Security-Policy" content="script-src https://storage.googleapis.com" />
     <meta name="description" content="Cree y complete encuestas a nivel mundial" />
     <meta name="google" content="notranslate" />
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />

From bfbe0f9c5a59f796c0813ce89f2642a6515edc86 Mon Sep 17 00:00:00 2001
From: Pablo Bonilla <pbonilla29@hotmail.com>
Date: Mon, 12 Jul 2021 20:35:55 -0600
Subject: [PATCH 3/5] Update index allow-all CSP

---
 src/main/webapp/index.html | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/main/webapp/index.html b/src/main/webapp/index.html
index 5d4a886..97e8415 100644
--- a/src/main/webapp/index.html
+++ b/src/main/webapp/index.html
@@ -4,7 +4,16 @@
     <meta charset="utf-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <title>DataSurvey</title>
-    <meta http-equiv="Content-Security-Policy" content="script-src https://storage.googleapis.com" />
+    <meta
+      http-equiv="Content-Security-Policy"
+      content="default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; 
+    script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; 
+    connect-src * data: blob: 'unsafe-inline'; 
+    img-src * data: blob: 'unsafe-inline'; 
+    frame-src * data: blob: ; 
+    style-src * data: blob: 'unsafe-inline';
+    font-src * data: blob: 'unsafe-inline';"
+    />
     <meta name="description" content="Cree y complete encuestas a nivel mundial" />
     <meta name="google" content="notranslate" />
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />

From 7208510d229e3f5c2f7b5e2a0e1bf109ea53aeb1 Mon Sep 17 00:00:00 2001
From: Pablo Bonilla <pbonilla29@hotmail.com>
Date: Mon, 12 Jul 2021 22:17:04 -0600
Subject: [PATCH 4/5] Update index script-src-elem CSP

---
 src/main/webapp/index.html | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/main/webapp/index.html b/src/main/webapp/index.html
index 97e8415..6299be5 100644
--- a/src/main/webapp/index.html
+++ b/src/main/webapp/index.html
@@ -4,16 +4,7 @@
     <meta charset="utf-8" />
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <title>DataSurvey</title>
-    <meta
-      http-equiv="Content-Security-Policy"
-      content="default-src *  data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; 
-    script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; 
-    connect-src * data: blob: 'unsafe-inline'; 
-    img-src * data: blob: 'unsafe-inline'; 
-    frame-src * data: blob: ; 
-    style-src * data: blob: 'unsafe-inline';
-    font-src * data: blob: 'unsafe-inline';"
-    />
+    <meta http-equiv="Content-Security-Policy" content="script-src-elem * 'self' 'unsafe-inline' 'unsafe-eval' *" />
     <meta name="description" content="Cree y complete encuestas a nivel mundial" />
     <meta name="google" content="notranslate" />
     <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />

From 941dc132c0c6a01c903091cca6ec392d5b07d579 Mon Sep 17 00:00:00 2001
From: Pablo Bonilla <pbonilla29@hotmail.com>
Date: Mon, 12 Jul 2021 22:39:17 -0600
Subject: [PATCH 5/5] Update manifest.webapp CSP

---
 src/main/webapp/manifest.webapp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/main/webapp/manifest.webapp b/src/main/webapp/manifest.webapp
index 878a8c5..5b77044 100644
--- a/src/main/webapp/manifest.webapp
+++ b/src/main/webapp/manifest.webapp
@@ -27,5 +27,6 @@
   "background_color": "#e0e0e0",
   "start_url": ".",
   "display": "standalone",
-  "orientation": "portrait"
+  "orientation": "portrait",
+  "content_security_policy": "default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline';  img-src * data: blob: 'unsafe-inline';  frame-src * data: blob: ;  style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';"
 }