CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Wallet detection: Extend CSP header for google pay

Browse Source
This commit is contained in:
Raphael Michel
2023-07-28 16:49:11 +02:00
parent 401c02865b
commit 9e95f3be1b
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pretix/base/middleware.py
View File

@@ -271,6 +271,8 @@ class SecurityMiddleware(MiddlewareMixin):
(url.url_name == "event.checkout" and url.kwargs['step'] == "payment") (url.url_name == "event.checkout" and url.kwargs['step'] == "payment")
): ):
h['script-src'].append('https://pay.google.com') h['script-src'].append('https://pay.google.com')
h['frame-src'].append('https://pay.google.com')
h['connect-src'].append('https://google.com/pay')
if settings.LOG_CSP: if settings.LOG_CSP:
h['report-uri'] = ["/csp_report/"] h['report-uri'] = ["/csp_report/"]
if 'Content-Security-Policy' in resp: if 'Content-Security-Policy' in resp: