CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-04 15:04:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fixed broken Django error pages due to CSP headers

Browse Source
This commit is contained in:
Raphael Michel
2016-07-29 20:53:51 +02:00
parent 4ab819aeed
commit 99604036c2
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/pretix/base/middleware.py
View File

@@ -147,6 +147,11 @@ class SecurityMiddleware:
return "; ".join(k + ' ' + v for k, v in h.items())
def process_response(self, request, resp):
if settings.DEBUG and resp.status_code >= 400:
# Don't use CSP on debug error page as it breaks of Django's fancy error
# pages
return resp
resp['X-XSS-Protection'] = '1'
h = {
'default-src': "{static}",