add unsafe-eval CSP to application. The d3-graphviz 3.0 version is required to...

add unsafe-eval CSP to application. The d3-graphviz 3.0 version is required to open unsafe-eval CSP.

add unsafe-eval CSP to application. The d3-graphviz 3.0 version is required to...
add unsafe-eval CSP to application. The d3-graphviz 3.0 version is required to open unsafe-eval CSP.
3ac9b93d · ougongchang · e569b96b · 3ac9b93d
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

mindinsight/backend/application.py mindinsight/backend/application.py +1 -0

未找到文件。
--- a/mindinsight/backend/application.py
+++ b/mindinsight/backend/application.py
@@ -45,6 +45,7 @@ def get_security_headers():
        'frame-src': ["'self'"] + domain_white_list,
        'frame-ancestors': ["'self'"] + domain_white_list,
        'default-src': ["'self'"],
+        'script-src': ["'self'", "'unsafe-eval'"]
    }
    headers = {