Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Fixed #15727 -- Added django-csp to contrib. #5776
This is copied from https://github.com/mozilla/django-csp
It's licensed under the MPL, but that's compatible with BSD https://www.mozilla.org/en-US/MPL/2.0/FAQ/#mpl-bsd-and-apache
pinging @jsocol who last committed to the project
It isn't obvious to me that making this a third-party app is the right choice. Security-related features tend to be implemented in core and not to be considered optional. However that argument may not apply to CSP as it is non-trivial and not every site will want it.