#304 Include CSP header support to more browsers

author: Giovane <giovaneliberato@gmail.com> 2015-09-04 11:25:11 -0300
committer: Giovane <giovaneliberato@gmail.com> 2015-09-04 11:31:53 -0300
commit: d044a34e9b5a0c341581daae03ba40fc72005170 (patch)
tree: 5d33421a471020698a579467d5483b96307ebaef /service/pixelated/config/site.py
parent: 8c6a2155fd35180307eae39ae7c51ab56ab0efc2 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/service/pixelated/config/site.py b/service/pixelated/config/site.py
index c6e55102..bd149914 100644
--- a/service/pixelated/config/site.py
+++ b/service/pixelated/config/site.py
@@ -2,8 +2,12 @@ from twisted.web.server import Site, Request
 
 
 class AddCSPHeaderRequest(Request):
+    HEADER_VALUES = "default-src 'self'; style-src 'self' 'unsafe-inline'"
+
     def process(self):
-        self.setHeader("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'")
+        self.setHeader("Content-Security-Policy", self.HEADER_VALUES)
+        self.setHeader("X-Content-Security-Policy", self.HEADER_VALUES)
+        self.setHeader("X-Webkit-CSP", self.HEADER_VALUES)
         Request.process(self)
author	Giovane <giovaneliberato@gmail.com>	2015-09-04 11:25:11 -0300
committer	Giovane <giovaneliberato@gmail.com>	2015-09-04 11:31:53 -0300
commit	d044a34e9b5a0c341581daae03ba40fc72005170 (patch)
tree	5d33421a471020698a579467d5483b96307ebaef /service/pixelated/config/site.py
parent	8c6a2155fd35180307eae39ae7c51ab56ab0efc2 (diff)