From 1c1c96e6fd0ce41a413aec9a4fd7d490ae7d1ca5 Mon Sep 17 00:00:00 2001 From: Cédric Bonhomme Date: Sun, 22 Mar 2020 14:20:49 +0100 Subject: allow insafe-inline --- instance/production.py | 10 ++++++++-- instance/sqlite.py | 9 ++++++++- 2 files changed, 16 insertions(+), 3 deletions(-) (limited to 'instance') diff --git a/instance/production.py b/instance/production.py index 05827a56..90f27c1c 100644 --- a/instance/production.py +++ b/instance/production.py @@ -33,9 +33,15 @@ CONTENT_SECURITY_POLICY = { 'media-src': [ 'youtube.com', ], - 'script-src': '\'self\'' + 'script-src': [ + '\'self\'', + '\'unsafe-inline\'', + ], + 'style-src': [ + '\'self\'', + '\'unsafe-inline\'', + ] } - # Crawler CRAWLING_METHOD = "default" DEFAULT_MAX_ERROR = 6 diff --git a/instance/sqlite.py b/instance/sqlite.py index cec46f48..0407ca1b 100644 --- a/instance/sqlite.py +++ b/instance/sqlite.py @@ -24,7 +24,14 @@ CONTENT_SECURITY_POLICY = { 'media-src': [ 'youtube.com', ], - 'script-src': '\'self\'' + 'script-src': [ + '\'self\'', + '\'unsafe-inline\'', + ], + 'style-src': [ + '\'self\'', + '\'unsafe-inline\'', + ] } # Crawler -- cgit