Merge branch 'master' into feature/csp-compatible
This commit is contained in:
commit
51a424aa15
1 changed files with 2 additions and 1 deletions
3
app.py
3
app.py
|
@ -96,13 +96,14 @@ app.register_blueprint(blueprints.well_known.blueprint)
|
|||
app.config.update(WTF_CSRF_CHECK_DEFAULT=False)
|
||||
app.config.update(SESSION_COOKIE_SECURE=True if config.SCHEME == "https" else False)
|
||||
|
||||
csrf.init_app(app)
|
||||
|
||||
csp = {
|
||||
"default-src": "'self'",
|
||||
"script-src": "'self'",
|
||||
"style-src-attr": "'unsafe-inline'",
|
||||
}
|
||||
|
||||
csrf.init_app(app)
|
||||
talisman = Talisman(
|
||||
app,
|
||||
content_security_policy=csp,
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue