Mastodon
/
forget-cancellare-vecchi-toot
mirror of https://github.com/codl/forget
2
0
Fork 0
Code Issues Releases Wiki Activity

Revert "you know what, screw sentry. bye" 

This reverts commit 175e313e03.
This commit is contained in:
codl 2017-08-31 19:58:48 +02:00
parent 66895e7108
commit 6696188601
No known key found for this signature in database
GPG Key ID: 6CD7C8891ED1233A
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
app.py
View File

@ -80,13 +80,17 @@ limiter = Limiter(app, key_func=rate_limit_key)
def install_security_headers(resp):
csp = ("default-src 'none';"
"img-src 'self' https:;"
"script-src 'self';"
"style-src 'self' 'unsafe-inline';"
"connect-src 'self';"
"frame-ancestors 'none';"
)
if 'SENTRY_DSN' in app.config:
csp += "script-src 'self' https://cdn.ravenjs.com/;"
else:
csp += "script-src 'self';"
if 'CSP_REPORT_URI' in app.config:
csp += "; report-uri " + app.config.get('CSP_REPORT_URI')
csp += "report-uri " + app.config.get('CSP_REPORT_URI')
if app.config.get('HTTPS'):
resp.headers.set('strict-transport-security',

5
templates/lib/layout.html
View File

@ -12,6 +12,11 @@
<meta name='og:type' content='website' />
<meta name='twitter:card' content='summary' />
<meta name='twitter:site:id' content='808418'/>
{% if sentry_dsn -%}
<script defer src="https://cdn.ravenjs.com/3.17.0/raven.min.js" crossorigin="anonymous"
onload="Raven.config('{{sentry_dsn}}').install()"></script>
{% endif -%}
{% block scripts %}{% endblock %}
</head>
{%- from 'lib/picture.html' import picture %}