From 41f3173e250db00c04ff39a74e83049d44d53c92 Mon Sep 17 00:00:00 2001
From: Julian Prieber <julian.prieber@llc.ovh>
Date: Thu, 19 Jan 2023 23:23:36 +0100
Subject: [PATCH] Update lang.blade.php

---
 resources/views/layouts/lang.blade.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/resources/views/layouts/lang.blade.php b/resources/views/layouts/lang.blade.php
index 7c7b605..82adebd 100644
--- a/resources/views/layouts/lang.blade.php
+++ b/resources/views/layouts/lang.blade.php
@@ -8,6 +8,7 @@
 {{-- Redirects to https if enabled in the advanced-config --}}
 @if(env('FORCE_ROUTE_HTTPS') == 'true')
 @php
+header("Content-Security-Policy: upgrade-insecure-requests");
 if (! isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] == 'off' ) {
     $redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     header("Location: $redirect_url");