altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 3 Packages Projects Releases Wiki Activity

chore: alter CSP to enable analytics (#3941)

Browse source
This commit is contained in:
Robert Sparks 2022-05-09 13:38:50 -05:00 committed by GitHub
parent cdd86b9d5e
commit 47b89c1112
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ietf/settings.py
View file

@ -516,7 +516,7 @@ CORS_URLS_REGEX = r'^(/api/.*|.*\.json|.*/json/?)$'
REFERRER_POLICY = 'strict-origin-when-cross-origin'
# Content security policy configuration (django-csp)
CSP_DEFAULT_SRC = ("'self'", "'unsafe-inline'", "data: https://datatracker.ietf.org/ https://www.ietf.org/")
CSP_DEFAULT_SRC = ("'self'", "'unsafe-inline'", "data: https://datatracker.ietf.org/ https://www.ietf.org/ https://analytics.ietf.org/")
# django.middleware.security.SecurityMiddleware
SECURE_BROWSER_XSS_FILTER = True