Implement Content Security Policy on Response Headers #22

Open
Ebuube opened this issue Mar 20, 2025 · 0 comments
Labels
Security Implementation of security features

Ebuube (Owner) commented Mar 20, 2025

Use Flask-Talisman for cleaner configuration of web_dynamic/app:app
To prevent execution of inline JavaScript except from self.

Jinja templating engine automatically escapes HTML, so it is the first line of defense.
Implementation of Content Security Policy will be the second line of defense.
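
One way the policy described in this issue could be expressed for Flask-Talisman, with a check that the resulting header still refuses inline script (an added example, not code from this repository; the directive set and the names `render`, `script_findings` and `create_app` are assumptions):

```python
# Added example, not the project's code. Directive choices are assumptions.
CSP = {                                   # dict form accepted by Flask-Talisman
    "default-src": "'self'",
    "script-src": "'self'",               # no 'unsafe-inline': inline JS is refused
    "object-src": "'none'",
    "base-uri": "'self'",
}
BROAD = {"*", "data:", "blob:", "http:", "https:"}
NONCE_OR_HASH = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")


def render(policy):
    """Serialise a policy dict into a Content-Security-Policy header value."""
    parts = []
    for name, sources in policy.items():
        sources = [sources] if isinstance(sources, str) else list(sources)
        parts.append(" ".join([name, *sources]))
    return "; ".join(parts)


def script_findings(header):
    """Return reasons injected script could still run; an empty list means none found."""
    directives = {}
    for chunk in header.split(";"):
        tokens = chunk.split()
        if tokens:                        # a repeated directive is ignored by browsers
            directives.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    sources = directives.get("script-src", directives.get("default-src"))
    if sources is None:
        return ["no script-src or default-src: scripts are unrestricted"]
    findings = [f"{s} admits scripts from a broad source" for s in sources if s in BROAD]
    # Browsers ignore 'unsafe-inline' once a nonce or hash is present in the list.
    if "'unsafe-inline'" in sources and not any(s.startswith(NONCE_OR_HASH) for s in sources):
        findings.append("'unsafe-inline' permits inline <script> and event handlers")
    if "'unsafe-eval'" in sources:
        findings.append("'unsafe-eval' permits eval() and string timers")
    return findings


def create_app():
    """Hypothetical app factory; needs flask and flask-talisman installed."""
    from flask import Flask
    from flask_talisman import Talisman
    app = Flask(__name__)
    # Talisman also redirects HTTP to HTTPS by default (force_https=True).
    Talisman(app, content_security_policy=CSP)
    return app
```

In a test suite, `script_findings` can be run against the `Content-Security-Policy` header of a real response so that a later policy change that re-enables inline script fails the build.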

Ebuube self-assigned this Mar 20, 2025
Ebuube added the Security (Implementation of security features) label Mar 20, 2025