CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Fix #765 -- Include P3P header

Browse Source
This commit is contained in:
Raphael Michel
2018-06-25 12:17:49 +02:00
parent 9cff77be62
commit fb96787697
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/pretix/base/middleware.py
View File

@@ -172,6 +172,12 @@ class SecurityMiddleware(MiddlewareMixin):
return resp return resp
resp['X-XSS-Protection'] = '1' resp['X-XSS-Protection'] = '1'
# We just need to have a P3P, not matter whats in there
# https://blogs.msdn.microsoft.com/ieinternals/2013/09/17/a-quick-look-at-p3p/
# https://github.com/pretix/pretix/issues/765
resp['P3P'] = 'CP=\"ALL DSP COR CUR ADM TAI OUR IND COM NAV INT\"'
h = { h = {
'default-src': ["{static}"], 'default-src': ["{static}"],
'script-src': ['{static}', 'https://checkout.stripe.com', 'https://js.stripe.com'], 'script-src': ['{static}', 'https://checkout.stripe.com', 'https://js.stripe.com'],