Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Fixed #15727 -- Add support for Content-Security-Policy header support for SecurityMiddleware #3550
I will try to review this in detail next week or so, in the meantime I am going to trigger the build to see if flake8 detection works as I notice there are some warnings in this patch. If you could please rebase your patch instead of merging master into your branch, that's ideal when it comes to commit, thanks.
As noted on the ticket, " The important thing for django to support is to make the admin compatible with CSP. Otherwise, most installations can't use CSP anyway." Closing due to inactivity. Please send a new PR if you want to revive this.
I guess we should discuss the comment on the ticket, "I don't see any value in adding the ability for django to set the CSP header for you. I can easily do that myself with a middleware." on the django-developers mailing list as well, before putting more time into this.