sgr5/leerdoelen_tracker
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Activity

unsafe-inline fix
All checks were successful
Build & Push / Build & Push image (push) Successful in 39s
Details

Browse Source
This commit is contained in:
Sam Geyskens
2026-03-01 00:31:30 +01:00
parent 893c444000
commit 44f98d5286
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/app.py
View File

@@ -91,7 +91,7 @@ def create_app():
# unsafe-inline is uitgeschakeld voor scripts — gebruik {{ csp_nonce() }} in <script> tags
csp = {
'default-src': ["'self'"],
'script-src': ["'self'", 'cdnjs.cloudflare.com'], # nonce wordt auto toegevoegd
'script-src': ["'self'", 'cdnjs.cloudflare.com', "'unsafe-inline'"], # unsafe-inline wordt genegeerd door browsers die nonce ondersteunen
'style-src': ["'self'", "'unsafe-inline'"], # inline styles in templates (aanvaardbaar)
'img-src': ["'self'", 'data:'],
'font-src': ["'self'"],