openedx / edx-django-utils

edX utilities for Django Application development.
https://edx.readthedocs.io/projects/edx-django-utils/en/latest/
Apache License 2.0
26 stars 20 forks source link

feat: Middleware to add Content-Security-Policy headers #289

Closed timmc-edx closed 1 year ago

timmc-edx commented 1 year ago

This replaces https://github.com/edx/edx-arch-experiments/pull/256 and removes some features. First commit is a straight copy of the Python (plus a couple of unrelated fixes), second commit contains unreviewed changes.

Merge checklist:

timmc-edx commented 1 year ago

Tests were passing before the previous two commits, but now there's something badly wrong with the codecov package (https://pypi.org/project/codecov/) and CI is broken. But make test, make quality, and make docs all work locally, so I'm going to go ahead and merge.