darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-05 10:53:28 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use csp nonces for inline scripts and styles

Browse Source
This commit is contained in:
Ryan Ahearn
2023-03-07 16:08:51 -05:00
parent e8e8c889d6
commit 2a6bc62003
5 changed files with 14 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/__init__.py
View File

@@ -30,7 +30,6 @@ from notifications_utils.formatters import (
get_lines_with_normalised_whitespace,
)
from notifications_utils.recipients import format_phone_number_human_readable
from notifications_utils.sanitise_text import SanitiseASCII
from werkzeug.exceptions import HTTPException as WerkzeugHTTPException
from werkzeug.exceptions import abort
from werkzeug.local import LocalProxy
@@ -147,6 +146,7 @@ navigation = {
'org_navigation': OrgNavigation(),
}
def _csp(config):
asset_domain = config['ASSET_DOMAIN']
logo_domain = config['LOGO_CDN_DOMAIN']