diff --git a/app.py b/app.py
index 167fa07..476d7ae 100644
--- a/app.py
+++ b/app.py
@@ -80,13 +80,17 @@ limiter = Limiter(app, key_func=rate_limit_key)
def install_security_headers(resp):
csp = ("default-src 'none';"
"img-src 'self' https:;"
- "script-src 'self';"
"style-src 'self' 'unsafe-inline';"
"connect-src 'self';"
"frame-ancestors 'none';"
)
+ if 'SENTRY_DSN' in app.config:
+ csp += "script-src 'self' https://cdn.ravenjs.com/;"
+ else:
+ csp += "script-src 'self';"
+
if 'CSP_REPORT_URI' in app.config:
- csp += "; report-uri " + app.config.get('CSP_REPORT_URI')
+ csp += "report-uri " + app.config.get('CSP_REPORT_URI')
if app.config.get('HTTPS'):
resp.headers.set('strict-transport-security',
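Review bot: The new gate `if 'SENTRY_DSN' in app.config:` tests key presence while the template gates on truthiness (`{% if sentry_dsn -%}`), so a config that declares `SENTRY_DSN = None` widens `script-src` to the CDN without Raven ever being loaded; `if app.config.get('SENTRY_DSN'):` keeps the two in step and matches the `app.config.get('HTTPS')` check below. A host-only source such as `https://cdn.ravenjs.com/` permits any script served from that origin, so consider narrowing it to the full path of the Raven file the template loads (and, presumably, pairing it with an `integrity` attribute on the script tag, which is not visible in this diff). `connect-src 'self'` is unchanged, so if the Raven transport reports via XHR/fetch rather than an image beacon, reports to the DSN host will be blocked by this same policy and should be checked in the browser console after deploy. install_security_headers continues past the end of the hunk.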
diff --git a/templates/lib/layout.html b/templates/lib/layout.html
index 2413739..5fd3a7a 100644
--- a/templates/lib/layout.html
+++ b/templates/lib/layout.html
@@ -12,6 +12,11 @@
+
+ {% if sentry_dsn -%}
+
+ {% endif -%}
{% block scripts %}{% endblock %}
{%- from 'lib/picture.html' import picture %}