optimized CSP for peertube

This commit is contained in:
Kevin Veen-Birkenbach 2025-06-30 18:10:19 +02:00
parent 02d478186c
commit 925f20f1e1
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
3 changed files with 6 additions and 0 deletions

View File

@ -96,6 +96,7 @@ class FilterModule(object):
'font-src',
'worker-src',
'manifest-src',
'media-src',
]
parts = []

View File

@ -16,6 +16,10 @@ csp:
whitelist:
frame-ancestors:
- "*"
media-src:
- "blob:"
font-src:
- "data:"
domains:
canonical:
- "video.{{ primary_domain }}"

View File

@ -15,6 +15,7 @@ class TestCspConfigurationConsistency(unittest.TestCase):
'font-src',
'worker-src',
'manifest-src',
'media-src'
}
SUPPORTED_FLAGS = {'unsafe-eval', 'unsafe-inline'}