From 6354b2aa2c8116f8eca20b43a043b611b6609804 Mon Sep 17 00:00:00 2001
From: Henry Castro <hcastro@collabora.com>
Date: Tue, 27 Oct 2015 23:10:48 -0400
Subject: [PATCH] cloudsuite: add Frame Domain policy

---
 controller/documentcontroller.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/controller/documentcontroller.php b/controller/documentcontroller.php
index c23b54df..60fb1ab0 100644
--- a/controller/documentcontroller.php
+++ b/controller/documentcontroller.php
@@ -65,6 +65,7 @@ class DocumentController extends Controller{
 		$policy = new ContentSecurityPolicy();
 		//$policy->addAllowedChildSrcDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
 		$policy->addAllowedScriptDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
+		$policy->addAllowedFrameDomain('\'self\' http://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js http://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.12/jquery.mousewheel.min.js \'unsafe-eval\'');
 		$policy->addAllowedConnectDomain('ws://' . $_SERVER['SERVER_NAME'] . ':9980');
 		$policy->addAllowedImageDomain('*');
 		$policy->allowInlineScript(true);