From be848fe9dd991ecae3851164a70c6999a3815d7d Mon Sep 17 00:00:00 2001
From: Daniel Winzen <daniel@danwin1210.de>
Date: Fri, 20 Oct 2023 19:06:52 +0200
Subject: [PATCH] Add missing Cross-Origin-Resource-Policy header - fixes #3

---
 counter.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/counter.php b/counter.php
index 7c00c6a..bd64c99 100644
--- a/counter.php
+++ b/counter.php
@@ -42,6 +42,7 @@ header_remove('X-Frame-Options');
 header("Content-Security-Policy: base-uri 'self'; default-src 'none'; frame-ancestors '*'");
 header('Content-Type: image/gif');
 header('Access-Control-Allow-Origin: *');
+header('Cross-Origin-Resource-Policy: cross-origin');
 
 //add visitor to db
 if(isSet($_COOKIE["counted$_REQUEST[id]"])){