octo/microblog.pub
1
0
Fork 0
mirror of https://git.sr.ht/~tsileo/microblog.pub synced 2025-06-05 21:59:23 +02:00
Code Issues Projects Releases Wiki Activity

More template fixes

Browse Source
This commit is contained in:
Thomas Sileo
2022-07-15 20:16:02 +02:00
parent d38fec6570
commit 0d3b41272f
3 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/main.py
View File

@ -128,9 +128,9 @@ class CustomMiddleware:
headers["x-xss-protection"] = "1; mode=block"
headers["x-frame-options"] = "SAMEORIGIN"
# TODO(ts): disallow inline CSS?
headers["content-security-policy"] = (
"default-src 'self'" + " style-src 'self' 'unsafe-inline';"
)
headers[
"content-security-policy"
] = "default-src 'self' style-src 'unsafe-inline';"
if not DEBUG:
headers[
"strict-transport-security"