Fix CSP mistake from 6 years ago.

https://content-security-policy.com/unsafe-inline/
2024-11-15 08:02:54 +11:00 · 2023-11-16 18:29:54 -06:00 · 2023-11-16 18:29:54 -06:00 · 83edabf4fd
commit 83edabf4fd
parent c5e519a3ef
1 changed files with 2 additions and 2 deletions
--- a/dpaste/settings/base.py
+++ b/dpaste/settings/base.py
@ -116,8 +116,8 @@ SECURE_BROWSER_XSS_FILTER = True
 SECURE_CONTENT_TYPE_NOSNIFF = True

 CSP_DEFAULT_SRC = ("'none'",)
-CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
-CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")
+CSP_SCRIPT_SRC = ("'self'",)
+CSP_STYLE_SRC = ("'self'",)

 LOGGING = {
    "version": 1,