pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow static_url domain in prod

Browse Source
This commit is contained in:
richard-dds 2019-11-13 17:01:06 -05:00 committed by dandds
parent c10aedd4dc
commit 4c5a4f29b8
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
atst/app.py
View File

@ -127,6 +127,8 @@ def make_flask_callbacks(app):
def set_default_headers(app): # pragma: no cover def set_default_headers(app): # pragma: no cover
static_url = app.config.get("STATIC_URL")
@app.after_request @app.after_request
def _set_security_headers(response): def _set_security_headers(response):
response.headers[ response.headers[
@ -143,7 +145,7 @@ def set_default_headers(app): # pragma: no cover
else: else:
response.headers[ response.headers[
"Content-Security-Policy" "Content-Security-Policy"
] = "default-src 'self' 'unsafe-eval' 'unsafe-inline'" ] = f"default-src 'self' 'unsafe-eval' 'unsafe-inline' {static_url}"
return response return response