Index: openacs-4/packages/openacs-bootstrap3-theme/openacs-bootstrap3-theme.info
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/openacs-bootstrap3-theme/openacs-bootstrap3-theme.info,v
diff -u -r1.1.2.3 -r1.1.2.4
--- openacs-4/packages/openacs-bootstrap3-theme/openacs-bootstrap3-theme.info	31 Aug 2016 17:17:52 -0000	1.1.2.3
+++ openacs-4/packages/openacs-bootstrap3-theme/openacs-bootstrap3-theme.info	10 Sep 2016 10:13:22 -0000	1.1.2.4
@@ -9,7 +9,7 @@
     <implements-subsite-p>f</implements-subsite-p>
     <inherit-templates-p>f</inherit-templates-p>
     
-    <version name="5.9.1d1" url="http://openacs.org/repository/download/apm/openacs-bootstrap3-theme-5.9.1d1.apm">
+    <version name="5.9.1d2" url="http://openacs.org/repository/download/apm/openacs-bootstrap3-theme-5.9.1d2.apm">
         <owner url="mailto:manderga@wu.ac.at">manderga</owner>
         <summary>Theme for OpenACS based on Twitter Bootstrap 3</summary>
         <release-date>2016-07-09</release-date>
@@ -23,7 +23,7 @@
         <license>GPL version 2</license>
         <maturity>2</maturity>
 
-        <provides url="openacs-bootstrap3-theme" version="5.9.1d1"/>
+        <provides url="openacs-bootstrap3-theme" version="5.9.1d2"/>
         <requires url="acs-kernel" version="5.9.0"/>
         <requires url="acs-subsite" version="5.9.0"/>
 
Index: openacs-4/packages/openacs-bootstrap3-theme/resources/masters/plain-master.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/openacs-bootstrap3-theme/resources/masters/plain-master.tcl,v
diff -u -r1.1 -r1.1.2.1
--- openacs-4/packages/openacs-bootstrap3-theme/resources/masters/plain-master.tcl	8 Jul 2016 16:13:35 -0000	1.1
+++ openacs-4/packages/openacs-bootstrap3-theme/resources/masters/plain-master.tcl	10 Sep 2016 10:13:22 -0000	1.1.2.1
@@ -72,3 +72,8 @@
 
 set csrf [security::csrf::new]
 
+security::csp::require img-src ipv6-test.com
+security::csp::require style-src netdna.bootstrapcdn.com
+security::csp::require font-src netdna.bootstrapcdn.com
+security::csp::require font-src 'self'
+security::csp::require font-src netdna.bootstrapcdn.com