fix: unable to see API doc due to CSP

Fix #934 Related https://github.com/python-restx/flask-restx/issues/252
2024-09-10 17:23:57 +02:00 · 2024-09-10 17:23:57 +02:00 · a9ce857289
parent 62746943cd
commit a9ce857289
1 changed files with 6 additions and 2 deletions
--- a/website/web/init.py
+++ b/website/web/init.py
@ -75,7 +75,10 @@ app.debug = bool(os.environ.get('DEBUG', False))
 SELF = "'self'"
 Talisman(app,
         force_https=False,
-         content_security_policy_nonce_in=['script-src', 'script-src-elem'],
+         content_security_policy_nonce_in=['script-src',
+                                           # Cannot enable that because https://github.com/python-restx/flask-restx/issues/252
+                                           # 'script-src-elem'
+                                           ],
         content_security_policy={
             'default-src': SELF,
             'base-uri': SELF,
@ -94,7 +97,8 @@ Talisman(app,
             ],
             'script-src-elem': [
                 SELF,
-                 "'strict-dynamic'",
+                 # Cannot enable that because https://github.com/python-restx/flask-restx/issues/252
+                 # "'strict-dynamic'",
                 "'unsafe-inline'",
             ],
             'style-src': [