diff options
| author | Cédric Bonhomme <cedric@cedricbonhomme.org> | 2020-03-22 11:24:35 +0100 |
|---|---|---|
| committer | Cédric Bonhomme <cedric@cedricbonhomme.org> | 2020-03-22 11:24:35 +0100 |
| commit | f73003afca2b6cc9f48334958068b8f71e084342 (patch) | |
| tree | 7275c273dfab903b1c078db9804c569365432c57 /instance | |
| parent | Updated README. (diff) | |
| download | newspipe-f73003afca2b6cc9f48334958068b8f71e084342.tar.gz newspipe-f73003afca2b6cc9f48334958068b8f71e084342.tar.bz2 newspipe-f73003afca2b6cc9f48334958068b8f71e084342.zip | |
Added a way to manage Content Security Policy via the configuration file.
Diffstat (limited to 'instance')
| -rw-r--r-- | instance/production.py | 10 | ||||
| -rw-r--r-- | instance/sqlite.py | 10 |
2 files changed, 20 insertions, 0 deletions
diff --git a/instance/production.py b/instance/production.py index d0aebd7e..05827a56 100644 --- a/instance/production.py +++ b/instance/production.py @@ -26,6 +26,16 @@ SQLALCHEMY_DATABASE_URI = "postgres://{user}:{password}@{host}:{port}/{name}".fo name=DATABASE_NAME, **DB_CONFIG_DICT ) +# Security +CONTENT_SECURITY_POLICY = { + 'default-src': '\'self\'', + 'img-src': '*', + 'media-src': [ + 'youtube.com', + ], + 'script-src': '\'self\'' +} + # Crawler CRAWLING_METHOD = "default" DEFAULT_MAX_ERROR = 6 diff --git a/instance/sqlite.py b/instance/sqlite.py index e6065ed3..cec46f48 100644 --- a/instance/sqlite.py +++ b/instance/sqlite.py @@ -17,6 +17,16 @@ SECURITY_PASSWORD_SALT = "L8gTsyrpRQEF8jNWQPyvRfv7U5kJkD" # Database SQLALCHEMY_DATABASE_URI = "sqlite:///newspipe.db" +# Security +CONTENT_SECURITY_POLICY = { + 'default-src': '\'self\'', + 'img-src': '*', + 'media-src': [ + 'youtube.com', + ], + 'script-src': '\'self\'' +} + # Crawler CRAWLING_METHOD = "default" DEFAULT_MAX_ERROR = 6 |