no need to make nonce on <style>

This commit is contained in:
hiromi-mi 2020-06-20 10:20:09 +09:00
parent 10d77cf183
commit 015ef9e35b

2
app.py
View file

@ -112,7 +112,7 @@ talisman = Talisman(
app, app,
content_security_policy=csp, content_security_policy=csp,
force_https=False, # internal requests like /tasks/* are sent over HTTP force_https=False, # internal requests like /tasks/* are sent over HTTP
content_security_policy_nonce_in=["script-src", "style-src"], content_security_policy_nonce_in=["script-src"],
) )
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)