adding csp

2025-12-06 06:17:17 +00:00 · 2021-05-04 09:21:13 +01:00
parent d21ec61f06
commit 10ffd01a2e
7 changed files with 19 additions and 10 deletions
--- a/cbreader/settings/base.py
+++ b/cbreader/settings/base.py
@@ -152,4 +152,5 @@ CSP_IMG_SRC = ("'self'", "data:")
 CSP_FONT_SRC = ("'self'")
 CSP_SCRIPT_SRC = ("'self'", 'code.jquery.com', 'cdn.jsdelivr.net', 'cdn.datatables.net')
 CSP_CONNECT_SRC = ("'self'")
-CSP_INCLUDE_NONCE_IN = ['script-src']
+CSP_INCLUDE_NONCE_IN = ['script-src']
+CSP_SCRIPT_SRC_ATTR = ("'self'", "'unsafe-inline'")