pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ‘unsafe-inline’ to headers to fix rendering svgs

Browse Source
This commit is contained in:
George Drummond 2018-12-19 11:08:39 -05:00
parent 39d89c4d1b
commit acb405d799
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
atst/app.py
View File

@ -105,11 +105,11 @@ def set_default_headers(app): # pragma: no cover
if ENV == "dev":
response.headers[
"Content-Security-Policy"
] = "default-src 'self' 'unsafe-eval'; connect-src *"
] = "default-src 'self' 'unsafe-eval' 'unsafe-inline'; connect-src *"
else:
response.headers[
"Content-Security-Policy"
] = "default-src 'self' 'unsafe-eval'"
] = "default-src 'self' 'unsafe-eval' 'unsafe-inline'"
return response