Fix the CSP regression (#280)

* fix: csp * fix: failing tests
piccolo-orm · Mar 30, 2024 · f6567af · f6567af
1 parent d4f6e66
commit f6567af
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/piccolo_api/csp/middleware.py b/piccolo_api/csp/middleware.py
@@ -29,7 +29,7 @@ async def wrapped_send(message: Message):
             if message["type"] == "http.response.start":
                 headers = message.get("headers", [])
                 header_value = bytes(
-                    f"default-src: '{self.config.default_src}'", "utf8"
+                    f"default-src '{self.config.default_src}'", "utf8"
                 )
                 if self.config.report_uri:
                     header_value = (

diff --git a/tests/csp/test_csp.py b/tests/csp/test_csp.py
@@ -36,7 +36,7 @@ def test_headers(self):
         # Make sure the headers got added:
         self.assertEqual(
             response.headers["content-security-policy"],
-            "default-src: 'self'",
+            "default-src 'self'",
         )
 
         # Make sure the original headers are still intact:
@@ -53,7 +53,7 @@ def test_default_src(self):
 
         self.assertEqual(
             response.headers.get("content-security-policy"),
-            "default-src: 'none'",
+            "default-src 'none'",
         )
 
     def test_report_uri(self):
@@ -66,5 +66,5 @@ def test_report_uri(self):
 
         self.assertEqual(
             response.headers["content-security-policy"],
-            "default-src: 'self'; report-uri foo.com",
+            "default-src 'self'; report-uri foo.com",
         )