diff options
| author | Kali Kaneko <kali@leap.se> | 2017-07-25 11:40:11 -0400 |
|---|---|---|
| committer | Kali Kaneko <kali@leap.se> | 2017-07-25 11:40:29 -0400 |
| commit | 91e4481c450eb7eb928debc1cb7fa59bdb63dd7b (patch) | |
| tree | 8fd7e6e77b6df669c33d96b7edad6db3cbe14dfe /service/pixelated/config/site.py | |
| parent | e4f755309d4cf5cfb6b0bcc62ed73d6070956ab5 (diff) | |
[pkg] packaging and path changes
- move all the pixelated python package under src/
- move the pixelated_www package under the leap namespace
- allow to set globally the static folder
- add hours and minutes to the timestamp in package version, to allow
for several releases a day.
Diffstat (limited to 'service/pixelated/config/site.py')
| -rw-r--r-- | service/pixelated/config/site.py | 47 |
1 files changed, 0 insertions, 47 deletions
diff --git a/service/pixelated/config/site.py b/service/pixelated/config/site.py deleted file mode 100644 index 96554584..00000000 --- a/service/pixelated/config/site.py +++ /dev/null @@ -1,47 +0,0 @@ -# -# Copyright (c) 2015 ThoughtWorks, Inc. -# -# Pixelated is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Pixelated is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with Pixelated. If not, see <http://www.gnu.org/licenses/>. - -from twisted.web.server import Site, Request - - -class AddSecurityHeadersRequest(Request): - CSP_HEADER_VALUES = "default-src 'self'; style-src 'self' 'unsafe-inline'" - - def process(self): - self.setHeader('Content-Security-Policy', self.CSP_HEADER_VALUES) - self.setHeader('X-Content-Security-Policy', self.CSP_HEADER_VALUES) - self.setHeader('X-Webkit-CSP', self.CSP_HEADER_VALUES) - self.setHeader('X-Frame-Options', 'SAMEORIGIN') - self.setHeader('X-XSS-Protection', '1; mode=block') - self.setHeader('X-Content-Type-Options', 'nosniff') - - if self.isSecure(): - self.setHeader('Strict-Transport-Security', 'max-age=31536000; includeSubDomains') - - Request.process(self) - - -class PixelatedSite(Site): - - requestFactory = AddSecurityHeadersRequest - - @classmethod - def enable_csp_requests(cls): - cls.requestFactory = AddSecurityHeadersRequest - - @classmethod - def disable_csp_requests(cls): - cls.requestFactory = Site.requestFactory |