From f73003afca2b6cc9f48334958068b8f71e084342 Mon Sep 17 00:00:00 2001
From: Cédric Bonhomme
Date: Sun, 22 Mar 2020 11:24:35 +0100
Subject: Added a way to manage Content Security Policy via the configuration file.
---
 instance/production.py | 10 ++++++++++
 instance/sqlite.py | 10 ++++++++++
 2 files changed, 20 insertions(+)
(limited to 'instance')
diff --git a/instance/production.py b/instance/production.py
index d0aebd7e..05827a56 100644
--- a/instance/production.py
+++ b/instance/production.py
@@ -26,6 +26,16 @@ SQLALCHEMY_DATABASE_URI = "postgres://{user}:{password}@{host}:{port}/{name}".fo
 name=DATABASE_NAME, **DB_CONFIG_DICT
 )
+# Security
+CONTENT_SECURITY_POLICY = {
+ 'default-src': '\'self\'',
+ 'img-src': '*',
+ 'media-src': [
+ 'youtube.com',
+ ],
+ 'script-src': '\'self\''
+}
+
 # Crawler
 CRAWLING_METHOD = "default"
 DEFAULT_MAX_ERROR = 6
diff --git a/instance/sqlite.py b/instance/sqlite.py
index e6065ed3..cec46f48 100644
--- a/instance/sqlite.py
+++ b/instance/sqlite.py
@@ -17,6 +17,16 @@ SECURITY_PASSWORD_SALT = "L8gTsyrpRQEF8jNWQPyvRfv7U5kJkD"
 # Database
 SQLALCHEMY_DATABASE_URI = "sqlite:///newspipe.db"
+# Security
+CONTENT_SECURITY_POLICY = {
+ 'default-src': '\'self\'',
+ 'img-src': '*',
+ 'media-src': [
+ 'youtube.com',
+ ],
+ 'script-src': '\'self\''
+}
+
 # Crawler
 CRAWLING_METHOD = "default"
 DEFAULT_MAX_ERROR = 6
-- cgit
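Review bot: The `'media-src': ['youtube.com']` entry in instance/production.py probably does not permit what it is meant to. `media-src` only governs `<audio>`, `<video>` and `<track>` sources, whereas an embedded YouTube player is an `<iframe>` and falls under `frame-src`, which is not set here and so falls back to `default-src 'self'`; in addition the host source `youtube.com` does not match `www.youtube.com`. If embeds are the intent, `'frame-src': ['https://www.youtube.com'],` would express it, though the code that consumes this setting is outside this diff, so confirm the key is passed through unchanged. The identical dictionary added to instance/sqlite.py in the second hunk needs the same change.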
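Review bot: `'img-src': '*'` in instance/sqlite.py carries no comment, so a later reader cannot tell whether the wildcard is a deliberate exception to the otherwise `'self'`-only policy. It lets pages load images from any http(s) host, presumably because feed articles embed remote images, which also means third-party tracking images load in the reader's browser; `*` does not cover `data:` URIs. A comment above the key such as `# '*' is deliberate: article content embeds images from arbitrary hosts; data: URIs are not covered` would record the decision. The same applies to the identical block in instance/production.py.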