settings in its own modules
This commit is contained in:
parent
cb0696b0bd
commit
b81fbf7c94
4 changed files with 117 additions and 64 deletions
31
app/core/csp.py
Normal file
31
app/core/csp.py
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
# -----------------------------------
|
||||
# DJANGO Content Security Policy
|
||||
# -----------------------------------
|
||||
|
||||
CSP_DEFAULT_SRC = (
|
||||
"'self'",
|
||||
"https://cdn.datatables.net",
|
||||
"https://cke4.ckeditor.com",
|
||||
)
|
||||
CSP_STYLE_SRC = (
|
||||
"'self'",
|
||||
"'unsafe-inline'",
|
||||
"https://bootswatch.com",
|
||||
"https://cdn.datatables.net",
|
||||
"https://cdnjs.cloudflare.com",
|
||||
"https://fonts.googleapis.com",
|
||||
)
|
||||
CSP_SCRIPT_SRC = (
|
||||
"'self'",
|
||||
"'unsafe-inline'",
|
||||
"https://cdn.datatables.net",
|
||||
"https://cdn.jsdelivr.net",
|
||||
"https://code.jquery.com",
|
||||
)
|
||||
CSP_INCLUDE_NONCE_IN = ["script-src"]
|
||||
CSP_IMG_SRC = ("'self'", "data:")
|
||||
CSP_FONT_SRC = (
|
||||
"'self'",
|
||||
"https://fonts.gstatic.com",
|
||||
"https://cdnjs.cloudflare.com",
|
||||
)
|
||||
Loading…
Add table
Add a link
Reference in a new issue