CSP

CSP (Content Security Policy) middleware signals to a browser to only execute scripts which have come from the same domain. This provides some defence against cross site scripting.


Usage

from piccolo_api.csp.middleware import CSPMiddleware

app = CSPMiddleware(my_asgi_app)

Source

CSPConfig

class piccolo_api.csp.middleware.CSPConfig(report_uri: 't.Optional[bytes]' = None, default_src: 'str' = 'self')[source]

CSPMiddleware

class piccolo_api.csp.middleware.CSPMiddleware(app: ASGIApp, config: CSPConfig = CSPConfig())[source]

Adds Content Security Policy headers to the response.