aboutsummaryrefslogtreecommitdiff
path: root/instance
diff options
context:
space:
mode:
Diffstat (limited to 'instance')
-rw-r--r--instance/production.py10
-rw-r--r--instance/sqlite.py10
2 files changed, 20 insertions, 0 deletions
diff --git a/instance/production.py b/instance/production.py
index d0aebd7e..05827a56 100644
--- a/instance/production.py
+++ b/instance/production.py
@@ -26,6 +26,16 @@ SQLALCHEMY_DATABASE_URI = "postgres://{user}:{password}@{host}:{port}/{name}".fo
name=DATABASE_NAME, **DB_CONFIG_DICT
)
+# Security
+CONTENT_SECURITY_POLICY = {
+ 'default-src': '\'self\'',
+ 'img-src': '*',
+ 'media-src': [
+ 'youtube.com',
+ ],
+ 'script-src': '\'self\''
+}
+
# Crawler
CRAWLING_METHOD = "default"
DEFAULT_MAX_ERROR = 6
diff --git a/instance/sqlite.py b/instance/sqlite.py
index e6065ed3..cec46f48 100644
--- a/instance/sqlite.py
+++ b/instance/sqlite.py
@@ -17,6 +17,16 @@ SECURITY_PASSWORD_SALT = "L8gTsyrpRQEF8jNWQPyvRfv7U5kJkD"
# Database
SQLALCHEMY_DATABASE_URI = "sqlite:///newspipe.db"
+# Security
+CONTENT_SECURITY_POLICY = {
+ 'default-src': '\'self\'',
+ 'img-src': '*',
+ 'media-src': [
+ 'youtube.com',
+ ],
+ 'script-src': '\'self\''
+}
+
# Crawler
CRAWLING_METHOD = "default"
DEFAULT_MAX_ERROR = 6
bgstack15