CSP
CSP (Content Security Policy) middleware signals to a browser to only execute
scripts which have come from the same domain. This provides some defence
against cross site scripting.
Usage
from piccolo_api.csp.middleware import CSPMiddleware
app = CSPMiddleware(my_asgi_app)
Source
CSPConfig
-
class piccolo_api.csp.middleware.CSPConfig(report_uri: 't.Optional[bytes]' = None, default_src: 'str' = 'self')[source]
CSPMiddleware
-
class piccolo_api.csp.middleware.CSPMiddleware(app: ASGIApp, config: CSPConfig = CSPConfig())[source]
Adds Content Security Policy headers to the response.