CIRCL
/
lookyloo
mirror of https://github.com/CIRCL/lookyloo
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: unable to see API doc due to CSP 

Fix #934

Related https://github.com/python-restx/flask-restx/issues/252
pull/937/head
Raphaël Vinot 2024-09-10 17:23:57 +02:00
parent 62746943cd
commit a9ce857289
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
website/web/__init__.py
View File

@ -75,7 +75,10 @@ app.debug = bool(os.environ.get('DEBUG', False))
SELF = "'self'" SELF = "'self'"
Talisman(app, Talisman(app,
force_https=False, force_https=False,
content_security_policy_nonce_in=['script-src', 'script-src-elem'], content_security_policy_nonce_in=['script-src',
# Cannot enable that because https://github.com/python-restx/flask-restx/issues/252
# 'script-src-elem'
],
content_security_policy={ content_security_policy={
'default-src': SELF, 'default-src': SELF,
'base-uri': SELF, 'base-uri': SELF,
@ -94,7 +97,8 @@ Talisman(app,
], ],
'script-src-elem': [ 'script-src-elem': [
SELF, SELF,
"'strict-dynamic'", # Cannot enable that because https://github.com/python-restx/flask-restx/issues/252
# "'strict-dynamic'",
"'unsafe-inline'", "'unsafe-inline'",
], ],
'style-src': [ 'style-src': [