31 lines
No EOL
734 B
Python
31 lines
No EOL
734 B
Python
# -----------------------------------
|
|
# DJANGO Content Security Policy
|
|
# -----------------------------------
|
|
|
|
CSP_DEFAULT_SRC = (
|
|
"'self'",
|
|
"https://cdn.datatables.net",
|
|
"https://cke4.ckeditor.com",
|
|
)
|
|
CSP_STYLE_SRC = (
|
|
"'self'",
|
|
"'unsafe-inline'",
|
|
"https://bootswatch.com",
|
|
"https://cdn.datatables.net",
|
|
"https://cdnjs.cloudflare.com",
|
|
"https://fonts.googleapis.com",
|
|
)
|
|
CSP_SCRIPT_SRC = (
|
|
"'self'",
|
|
"'unsafe-inline'",
|
|
"https://cdn.datatables.net",
|
|
"https://cdn.jsdelivr.net",
|
|
"https://code.jquery.com",
|
|
)
|
|
CSP_INCLUDE_NONCE_IN = ["script-src"]
|
|
CSP_IMG_SRC = ("'self'", "data:")
|
|
CSP_FONT_SRC = (
|
|
"'self'",
|
|
"https://fonts.gstatic.com",
|
|
"https://cdnjs.cloudflare.com",
|
|
) |