mirror of
				https://github.com/janeczku/calibre-web
				synced 2025-10-25 20:37:41 +00:00 
			
		
		
		
	Merge remote-tracking branch 'csp/patch-2'
Updated testresult
This commit is contained in:
		| @@ -91,10 +91,10 @@ def add_security_headers(resp): | ||||
|     if request.endpoint == "edit-book.show_edit_book" or config.config_use_google_drive: | ||||
|         csp += " *;" | ||||
|     elif request.endpoint == "web.read_book": | ||||
|         csp += " style-src-elem 'self' blob: 'unsafe-inline';" | ||||
|         csp += " blob:; style-src-elem 'self' blob: 'unsafe-inline';" | ||||
|     else: | ||||
|         csp += ";" | ||||
|     csp += "object-src: 'none';" | ||||
|     csp += " object-src 'none';" | ||||
|     resp.headers['Content-Security-Policy'] = csp | ||||
|     resp.headers['X-Content-Type-Options'] = 'nosniff' | ||||
|     resp.headers['X-Frame-Options'] = 'SAMEORIGIN' | ||||
|   | ||||
| @@ -38,7 +38,7 @@ console_scripts = | ||||
| [options] | ||||
| include_package_data = True | ||||
| install_requires =  | ||||
| 	APScheduler>=3.6.3,<3.10.0 | ||||
| 	APScheduler>=3.6.3,<3.11.0 | ||||
| 	werkzeug<2.1.0 | ||||
| 	Babel>=1.3,<3.0 | ||||
| 	Flask-Babel>=0.11.1,<3.1.0 | ||||
|   | ||||
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
		Reference in New Issue
	
	Block a user
	 Ozzie Isaacs
					Ozzie Isaacs