Skip to content

Commit

Permalink
Add swagger to CSP
Browse files Browse the repository at this point in the history
  • Loading branch information
aloftus23 committed Dec 5, 2024
1 parent 5f4cdd8 commit c9849ee
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion backend/src/xfd_django/xfd_django/asgi.py
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
"'self'",
os.getenv("COGNITO_URL"),
os.getenv("BACKEND_DOMAIN"),
"https://cdn.jsdelivr.net/npm/[email protected]/swagger-ui-bundle.js"
],
"frame-src": ["'self'", "https://www.dhs.gov/ntas/"],
"img-src": [
Expand All @@ -42,6 +43,7 @@
os.getenv("FRONTEND_DOMAIN"),
"https://www.ssa.gov",
"https://www.dhs.gov",
"https://fastapi.tiangolo.com/img/favicon.png"
],
"object-src": ["'none'"],
"script-src": [
Expand All @@ -50,9 +52,15 @@
"https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js",
"https://www.ssa.gov/accessibility/andi/fandi.js",
"https://www.ssa.gov/accessibility/andi/andi.js",
"https://cdn.jsdelivr.net/npm/[email protected]/swagger-ui-bundle.js",
"'sha256-QOOQu4W1oxGqd2nbXbxiA1Di6OHQOLQD+o+G9oWL8YY='",
"https://www.dhs.gov",
],
"style-src": ["'self'", "'unsafe-inline'"],
"style-src": [
"'self'",
"'unsafe-inline'",
"https://cdn.jsdelivr.net/npm/[email protected]/swagger-ui.css"
],
"frame-ancestors": ["'none'"],
}

Expand Down

0 comments on commit c9849ee

Please sign in to comment.