Optimized CSP

2025-05-19 10:05:30 +02:00
parent ab8b99b2c1
commit cc3f5d75ea
6 changed files with 53 additions and 4 deletions


@@ -120,6 +120,16 @@ class FilterModule(object):
):
tokens.append('https://www.google.com')
# Enable loading via ancestors
if (
self.is_feature_enabled(applications, 'portfolio_iframe', application_id)
and directive == 'frame-ancestors'
):
domain = domains.get(application_id) # e.g. "sub.example.com" or "example.com"
# Extract the second-level + top-level domain and prefix with "*."
sld_tld = ".".join(domain.split(".")[-2:]) # yields "example.com"
tokens.append(f"*.{sld_tld}") # yields "*.example.com"
# whitelist
tokens += self.get_csp_whitelist(applications, application_id, directive)
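Review bot: The `frame-ancestors` source derived from `".".join(domain.split(".")[-2:])` is too broad for domains under a multi-label public suffix: for `app.example.co.uk` it yields `*.co.uk`, which permits every site under that suffix to frame the application and defeats the clickjacking protection this directive exists for. The same line also assumes `domains.get(application_id)` is a string; if the application has no domain entry the `.split` call raises `AttributeError` while rendering the CSP. Rather than guessing the registrable domain from the last two labels, have the configuration supply the allowed parent domain explicitly (or resolve it with a public-suffix-aware helper), and guard the lookup, e.g. `if domain:` before the join; a comment such as `# NOTE: wildcard ancestors trust every subdomain, including any that could be taken over — keep the parent domain as narrow as possible` would document the trade-off. Whether the `*.` wildcard is required at all, or a list of specific hostnames would do, is not visible from this hunk; the enclosing method continues outside it.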