mirror of
https://github.com/ajurna/cbwebreader.git
synced 2025-12-06 14:17:19 +00:00
adding csp
This commit is contained in:
@@ -50,6 +50,7 @@ MIDDLEWARE = [
|
|||||||
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
||||||
"django.contrib.messages.middleware.MessageMiddleware",
|
"django.contrib.messages.middleware.MessageMiddleware",
|
||||||
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
||||||
|
'csp.middleware.CSPMiddleware',
|
||||||
]
|
]
|
||||||
|
|
||||||
ROOT_URLCONF = "cbreader.urls"
|
ROOT_URLCONF = "cbreader.urls"
|
||||||
@@ -144,4 +145,7 @@ BOOTSTRAP4 = {
|
|||||||
"integrity": "sha384-Piv4xVNRyMGpqkS2by6br4gNJ7DXjqk09RmUpJ8jgGtD7zP9yug3goQfGII0yAns",
|
"integrity": "sha384-Piv4xVNRyMGpqkS2by6br4gNJ7DXjqk09RmUpJ8jgGtD7zP9yug3goQfGII0yAns",
|
||||||
"crossorigin": "anonymous",
|
"crossorigin": "anonymous",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
CSP_DEFAULT_SRC = ("'self'", "'unsafe-inline'", 'cdn.jsdelivr.net', 'cdn.datatables.net', 'i.creativecommons.org',
|
||||||
|
'code.jquery.com', 'licensebuttons.net', 'www.w3.org')
|
||||||
|
CSP_IMG_SRC = ("'self'", 'i.creativecommons.org', 'licensebuttons.net')
|
||||||
21
poetry.lock
generated
21
poetry.lock
generated
@@ -119,6 +119,21 @@ python-versions = ">=3.6"
|
|||||||
beautifulsoup4 = ">=4.8.0"
|
beautifulsoup4 = ">=4.8.0"
|
||||||
Django = ">=2.2"
|
Django = ">=2.2"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "django-csp"
|
||||||
|
version = "3.7"
|
||||||
|
description = "Django Content Security Policy support."
|
||||||
|
category = "main"
|
||||||
|
optional = false
|
||||||
|
python-versions = "*"
|
||||||
|
|
||||||
|
[package.dependencies]
|
||||||
|
Django = ">=1.8"
|
||||||
|
|
||||||
|
[package.extras]
|
||||||
|
jinja2 = ["jinja2 (>=2.9.6)"]
|
||||||
|
tests = ["pytest (<4.0)", "pytest-django", "pytest-flakes (==1.0.1)", "pytest-pep8 (==1.0.6)", "pep8 (==1.4.6)", "mock (==1.0.1)", "six (==1.12.0)", "jinja2 (>=2.9.6)"]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "django-extensions"
|
name = "django-extensions"
|
||||||
version = "3.1.3"
|
version = "3.1.3"
|
||||||
@@ -455,7 +470,7 @@ dev = ["pytest (>=4.6.2)", "black (>=19.3b0)"]
|
|||||||
[metadata]
|
[metadata]
|
||||||
lock-version = "1.1"
|
lock-version = "1.1"
|
||||||
python-versions = "^3.8"
|
python-versions = "^3.8"
|
||||||
content-hash = "c099b73f4400e26ba585774697d71eb475d22e365ad1ce9e6699086b30f403ad"
|
content-hash = "71642aa577156d70c6033dbc260a2ab03d247a17d9b0b0500a9c9a0e0228fd68"
|
||||||
|
|
||||||
[metadata.files]
|
[metadata.files]
|
||||||
asgiref = [
|
asgiref = [
|
||||||
@@ -553,6 +568,10 @@ django-bootstrap4 = [
|
|||||||
{file = "django-bootstrap4-3.0.0.tar.gz", hash = "sha256:bffc96f65386fbd49cae1474393e01d4b414c12fcab0fff50545e6142e7ba19b"},
|
{file = "django-bootstrap4-3.0.0.tar.gz", hash = "sha256:bffc96f65386fbd49cae1474393e01d4b414c12fcab0fff50545e6142e7ba19b"},
|
||||||
{file = "django_bootstrap4-3.0.0-py3-none-any.whl", hash = "sha256:76a52fb22a8d3dbb2f7609b21908ce863e941a4462be079bf1d12025e551af37"},
|
{file = "django_bootstrap4-3.0.0-py3-none-any.whl", hash = "sha256:76a52fb22a8d3dbb2f7609b21908ce863e941a4462be079bf1d12025e551af37"},
|
||||||
]
|
]
|
||||||
|
django-csp = [
|
||||||
|
{file = "django_csp-3.7-py2.py3-none-any.whl", hash = "sha256:01443a07723f9a479d498bd7bb63571aaa771e690f64bde515db6cdb76e8041a"},
|
||||||
|
{file = "django_csp-3.7.tar.gz", hash = "sha256:01eda02ad3f10261c74131cdc0b5a6a62b7c7ad4fd017fbefb7a14776e0a9727"},
|
||||||
|
]
|
||||||
django-extensions = [
|
django-extensions = [
|
||||||
{file = "django-extensions-3.1.3.tar.gz", hash = "sha256:5f0fea7bf131ca303090352577a9e7f8bfbf5489bd9d9c8aea9401db28db34a0"},
|
{file = "django-extensions-3.1.3.tar.gz", hash = "sha256:5f0fea7bf131ca303090352577a9e7f8bfbf5489bd9d9c8aea9401db28db34a0"},
|
||||||
{file = "django_extensions-3.1.3-py3-none-any.whl", hash = "sha256:50de8977794a66a91575dd40f87d5053608f679561731845edbd325ceeb387e3"},
|
{file = "django_extensions-3.1.3-py3-none-any.whl", hash = "sha256:50de8977794a66a91575dd40f87d5053608f679561731845edbd325ceeb387e3"},
|
||||||
|
|||||||
@@ -26,6 +26,7 @@ Pillow = "^8.2.0"
|
|||||||
django-imagekit = "^4.0.2"
|
django-imagekit = "^4.0.2"
|
||||||
PyMuPDF = "^1.18.12"
|
PyMuPDF = "^1.18.12"
|
||||||
django-bootstrap4 = "^3.0.0"
|
django-bootstrap4 = "^3.0.0"
|
||||||
|
django-csp = "^3.7"
|
||||||
|
|
||||||
[tool.poetry.dev-dependencies]
|
[tool.poetry.dev-dependencies]
|
||||||
mypy = "^0.812"
|
mypy = "^0.812"
|
||||||
|
|||||||
Reference in New Issue
Block a user