Skip to content

Commit

Permalink
Add quotes to 'unsafe-inline', add 'unsafe-eval'
Browse files Browse the repository at this point in the history
  • Loading branch information
@will-moore
will-moore committed Jan 23, 2024
1 parent 787aa01 commit 689325a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions omeroweb/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1181,7 +1181,7 @@ def check_session_engine(s):
],
"omero.web.csp_script_src": [
"CSP_SCRIPT_SRC",
'["\'self\'", "unsafe-inline"]',
'["\'self\'", "\'unsafe-inline\'", "\'unsafe-eval\'"]',
json.loads,
"Set the CSP script-src directive",
],
Expand All @@ -1193,7 +1193,7 @@ def check_session_engine(s):
],
"omero.web.csp_style_src": [
"CSP_STYLE_SRC",
'["\'self\'", "unsafe-inline"]',
'["\'self\'", "\'unsafe-inline\'"]',
json.loads,
"Set the CSP style-src directive",
],
Expand Down

0 comments on commit 689325a

Please sign in to comment.