From f5b29e8f17ab8268804a21a065d4147afe4fb36b Mon Sep 17 00:00:00 2001
From: Timothy J Warren <tim@timshomepage.net>
Date: Wed, 12 Apr 2017 16:38:23 -0400
Subject: [PATCH] Remove default CSP header

---
 src/View/HttpView.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/View/HttpView.php b/src/View/HttpView.php
index 5735dfb..b148266 100644
--- a/src/View/HttpView.php
+++ b/src/View/HttpView.php
@@ -96,7 +96,6 @@ class HttpView extends BaseView {
 		}
 
 		$this->response = $this->response->withHeader('Content-type', "{$this->contentType};charset=utf-8")
-			->withHeader('Content-Security-Policy', "script-src 'self'")
 			->withHeader('X-Content-Type-Options', 'nosniff')
 			->withHeader('X-XSS-Protection', '1;mode=block')
 			->withHeader('X-Frame-Options', 'SAMEORIGIN');