Repair styles and reports

2025-05-17 14:22:14 +02:00 · 2025-05-17 14:22:14 +02:00 · b612b23340
commit b612b23340
parent 435fbd4486
1 changed files with 19 additions and 1 deletions
--- a/app.py
+++ b/app.py
@ -15,7 +15,25 @@ app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'change-this-secret-key'
 csrf = CSRFProtect(app)

 # Security Headers
-Talisman(app)
+csp = {
+    'default-src': [
+        "'self'"
+    ],
+    'script-src': [
+        "'self'",
+        'https://cdn.jsdelivr.net/npm/chart.js',
+        "'unsafe-inline'"
+    ],
+    'style-src': [
+        "'self'",
+        "'unsafe-inline'"
+    ],
+    'img-src': [
+        "'self'",
+        'data:'
+    ]
+}
+Talisman(app, content_security_policy=csp)

 # Logging Configuration
 logging.basicConfig(level=logging.INFO, format='%(asctime)s %(levelname)s %(message)s')