From b612b23340074e6ad8c2efb06eca91b080f59165 Mon Sep 17 00:00:00 2001
From: Greg
Date: Sat, 17 May 2025 14:22:14 +0200
Subject: [PATCH] Repair styles and reports

---
 app.py | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/app.py b/app.py
index 5871630..756c0df 100644
--- a/app.py
+++ b/app.py
@@ -15,7 +15,25 @@ app.config['SECRET_KEY'] = os.environ.get('SECRET_KEY', 'change-this-secret-key'
 csrf = CSRFProtect(app)
 
 # Security Headers
-Talisman(app)
+csp = {
+ 'default-src': [
+ "'self'"
+ ],
+ 'script-src': [
+ "'self'",
+ 'https://cdn.jsdelivr.net/npm/chart.js',
+ "'unsafe-inline'"
+ ],
+ 'style-src': [
+ "'self'",
+ "'unsafe-inline'"
+ ],
+ 'img-src': [
+ "'self'",
+ 'data:'
+ ]
+}
+Talisman(app, content_security_policy=csp)
 
 # Logging Configuration
 logging.basicConfig(level=logging.INFO, format='%(asctime)s %(levelname)s %(message)s')
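Review bot: The `"'unsafe-inline'"` entry in the `script-src` list gives up most of the XSS protection this policy is meant to provide, because any injected inline `<script>` or event-handler attribute is still allowed to run. If the inline scripts are the report/chart snippets in the templates (not visible in this patch), nonces are the safer route: drop that entry and call `Talisman(app, content_security_policy=csp, content_security_policy_nonce_in=['script-src'])`, then add `nonce="{{ csp_nonce() }}"` to each inline script tag. The CDN source `https://cdn.jsdelivr.net/npm/chart.js` is an unversioned path, so the file served can change with upstream releases; pinning a version in both the template and the policy, with an `integrity` attribute on the tag, would fix what is loaded. A short comment above `csp` recording why each relaxation (`'unsafe-inline'` for styles, `data:` for images) is needed would help later review.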