Mastodon
/
forget-cancellare-vecchi-toot
mirror of https://github.com/codl/forget
2
0
Fork 0
Code Issues Releases Wiki Activity

you know what, screw sentry. bye

This commit is contained in:
codl 2017-08-28 01:53:59 +02:00
parent af407ff1f2
commit 175e313e03
No known key found for this signature in database
GPG Key ID: 6CD7C8891ED1233A
2 changed files with 1 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app.py
View File

@ -74,12 +74,7 @@ limiter = Limiter(app, key_func=rate_limit_key)
@app.after_request
def install_security_headers(resp):
csp = "default-src 'none'; img-src 'self' https: http:; style-src 'self' 'unsafe-inline'; connect-src 'self'; frame-ancestors 'none'"
if 'SENTRY_DSN' in app.config:
csp += "; script-src 'self' https://cdn.ravenjs.com/"
else:
csp += "; script-src 'self'"
csp = "default-src 'none'; img-src 'self' https: http:; script-src 'self'; style-src 'self' 'unsafe-inline'; connect-src 'self'; frame-ancestors 'none'"
if 'CSP_REPORT_URI' in app.config:
csp += "; report-uri " + app.config.get('CSP_REPORT_URI')
resp.headers.set('Content-Security-Policy', csp)

5
templates/lib/layout.html
View File

@ -12,11 +12,6 @@
<meta name='og:type' content='website' />
<meta name='twitter:card' content='summary' />
<meta name='twitter:site:id' content='808418'/>
{% if sentry_dsn -%}
<script defer src="https://cdn.ravenjs.com/3.17.0/raven.min.js" crossorigin="anonymous"
onload="Raven.config('{{sentry_dsn}}').install()"></script>
{% endif -%}
{% block scripts %}{% endblock %}
</head>
{%- from 'lib/picture.html' import picture %}