From d044a34e9b5a0c341581daae03ba40fc72005170 Mon Sep 17 00:00:00 2001 From: Giovane Date: Fri, 4 Sep 2015 11:25:11 -0300 Subject: #304 Include CSP header support to more browsers --- service/pixelated/config/site.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'service/pixelated/config/site.py') diff --git a/service/pixelated/config/site.py b/service/pixelated/config/site.py index c6e55102..bd149914 100644 --- a/service/pixelated/config/site.py +++ b/service/pixelated/config/site.py @@ -2,8 +2,12 @@ from twisted.web.server import Site, Request class AddCSPHeaderRequest(Request): + HEADER_VALUES = "default-src 'self'; style-src 'self' 'unsafe-inline'" + def process(self): - self.setHeader("Content-Security-Policy", "default-src 'self'; style-src 'self' 'unsafe-inline'") + self.setHeader("Content-Security-Policy", self.HEADER_VALUES) + self.setHeader("X-Content-Security-Policy", self.HEADER_VALUES) + self.setHeader("X-Webkit-CSP", self.HEADER_VALUES) Request.process(self) -- cgit v1.2.3