RockefellerArchiveCenter / aurora

A Django web application to receive, virus check and validate transfers of digital archival records, and allow archivists to appraise and accession those records.
http://projectelectron.rockarch.org/
MIT License

Add Content-Security-Policy headers #592

Closed helrond closed 1 year ago

helrond commented 1 year ago

Is your feature request related to a problem? Please describe.

We can improve the security of this application by adding Content-Security-Policy headers.

Describe the solution you'd like

Add the above headers using the django-csp library: https://django-csp.readthedocs.io/en/latest/index.html
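
Added example, not part of the original issue or of Aurora's code: a Django settings fragment for a staged django-csp rollout, with a small check that keeps weak sources out of the script-controlling directives. It assumes django-csp 4.x setting names; the directive values, the `/csp-report/` endpoint and the helper names are hypothetical.

```python
# settings.py fragment. Added example: assumes django-csp 4.x setting names;
# every source below is an assumption, not Aurora's actual asset inventory.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "csp.middleware.CSPMiddleware",  # attaches the CSP header(s) to responses
    # ... the project's remaining middleware ...
]

# Directives shared by the report-only and enforcing stages.
BASELINE_DIRECTIVES = {
    "default-src": ["'self'"],
    "script-src": ["'self'"],        # no 'unsafe-inline': inline scripts are refused
    "style-src": ["'self'"],
    "img-src": ["'self'", "data:"],
    "object-src": ["'none'"],
    "base-uri": ["'self'"],
    "form-action": ["'self'"],
    "frame-ancestors": ["'none'"],   # also covers clickjacking
}

# Stage 1: sent as Content-Security-Policy-Report-Only; nothing is blocked yet.
CONTENT_SECURITY_POLICY_REPORT_ONLY = {
    "DIRECTIVES": {**BASELINE_DIRECTIVES, "report-uri": ["/csp-report/"]},  # hypothetical endpoint
}
# Stage 2, once the reports are clean: enforce the same directives.
# CONTENT_SECURITY_POLICY = {"DIRECTIVES": BASELINE_DIRECTIVES}

# Hypothetical helpers (would normally live in a test module, not in settings).
RISKY = {"'unsafe-inline'", "'unsafe-eval'", "*", "data:", "http:", "https:"}
SCRIPT_RELEVANT = ("default-src", "script-src", "object-src", "base-uri")


def render_policy(directives):
    """Preview the header value a directive mapping produces."""
    return "; ".join(f"{name} {' '.join(srcs)}" for name, srcs in directives.items())


def weak_sources(directives):
    """Return (directive, source) pairs that let script injection through."""
    return [(name, src) for name in SCRIPT_RELEVANT
            for src in directives.get(name, []) if src in RISKY]
```

Asserting `weak_sources(...) == []` in the project's test suite stops a later change from quietly reintroducing `'unsafe-inline'`.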