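# Content-Security-Policy settings. The flat CSP_<DIRECTIVE> names follow the
# django-csp 3.x convention.
# NOTE(review): confirm the installed django-csp version; 4.x reads a single
# CONTENT_SECURITY_POLICY dict instead of these flat settings.

# Fallback for every fetch directive that is not set explicitly below.
CSP_DEFAULT_SRC = ("'self'",)

# Only same-origin pages may frame this site (clickjacking defence).
# NOTE(review): base-uri is not set in this file and, like frame-ancestors and
# form-action, does not inherit from default-src; consider adding
# CSP_BASE_URI = ("'self'",) if no page relies on a cross-origin <base>.
CSP_FRAME_ANCESTORS = ("'self'",)

# Do not list a bare 'nonce' keyword here: it is not a valid source
# expression (browsers accept only 'nonce-<value>' and ignore other tokens),
# so it never authorises any script. The per-request nonce is requested via
# CSP_INCLUDE_NONCE_IN below instead.
# NOTE(review): both CDN origins serve many third-party packages, so allowing
# the whole origin trusts every script they host. Prefer self-hosting, or load
# pinned files with Subresource Integrity and narrow these entries to the
# exact paths in use.
CSP_SCRIPT_SRC = (
    "'self'",
    "https://cdn.jsdelivr.net",
    "https://cdnjs.cloudflare.com",
)

# In django-csp 3.x this adds 'nonce-<value>' to script-src for responses
# whose template reads request.csp_nonce; inline <script> tags must carry
# that nonce attribute to run.
CSP_INCLUDE_NONCE_IN = ("script-src",)

# NOTE(review): 'unsafe-inline' permits any inline <style> block and style
# attribute, which removes CSP's protection against injected CSS. Confirm
# which inline styles need it and whether they can move to stylesheets.
CSP_STYLE_SRC = (
    "'self'",
    "'unsafe-inline'",
    "https://fonts.googleapis.com",
)

# data: allows inline (e.g. base64) images in addition to the listed origins.
CSP_IMG_SRC = ("'self'", "data:", "https://cdn.jsdelivr.net")

# Origins that fetch/XHR/WebSocket calls from page scripts may contact.
# NOTE(review): allowing the browser to reach api.openai.com suggests
# client-side API calls; confirm no API key is shipped to the browser.
# Proxying through the backend would let this entry be removed.
CSP_CONNECT_SRC = (
    "'self'",
    "https://api.openai.com",
)

CSP_FONT_SRC = (
    "'self'",
    "https://fonts.gstatic.com",
)

# Plugins (<object>, <embed>) are disabled outright.
CSP_OBJECT_SRC = ("'none'",)

CSP_MEDIA_SRC = ("'self'",)

# Forms may only submit back to this origin.
CSP_FORM_ACTION = ("'self'",)

CSP_WORKER_SRC = ("'self'",)

# Browsers POST violation reports to this path.
# NOTE(review): the handler is not visible here; it receives unauthenticated,
# client-controlled JSON, so confirm it is size-limited, rate-limited and
# treats report fields as untrusted when logging or displaying them.
CSP_REPORT_URI = "/csp-violation/"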