{ "info": { "author": "Nils Rokita", "author_email": "0rokita@informatik.uni-hamburg.de", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Environment :: Web Environment", "Framework :: Django", "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "django-simple-csp\n=================\n\nA simple Middleware for adding CSP headers and nonces in Django\n\nUsage\n=====\n\nRequires Django >=1.10\n\nAdd it to the INSTALLED_APPS settings variable::\n\n INSTALLED_APPS = [\n ...\n 'django.contrib.admin',\n 'django.contrib.auth',\n 'django.contrib.contenttypes',\n 'django.contrib.sessions',\n 'django.contrib.messages',\n 'django.contrib.staticfiles',\n ...\n 'django-simple-csp'\n ...\n ]\n\n\nAdd it to MIDDLEWARE (not MIDDLEWARE_CLASSES)::\n\n MIDDLEWARE = [\n ...\n 'django.middleware.security.SecurityMiddleware',\n 'django.contrib.sessions.middleware.SessionMiddleware',\n 'django.middleware.common.CommonMiddleware',\n 'django.middleware.csrf.CsrfViewMiddleware',\n 'django.contrib.auth.middleware.AuthenticationMiddleware',\n 'django.contrib.messages.middleware.MessageMiddleware',\n 'django.middleware.clickjacking.XFrameOptionsMiddleware',\n ...\n 'django-simple-csp.middleware.csp.CSPMiddleware',\n ...\n ]\n\n\n\nCSS\n---\n\nTODO: remove hash from the name of tag?\n\nExample use of hashed inline style::\n\n {% load csp %}\n {% csp_css_hash %}\n td.style-class {\n background-color: red;\n }\n {% end_csp_css_hash %}\n\nusage inside of style=\"...\" attributes is not supported by chromium for now.\n\nJavascript\n----------\n\nNonces\n~~~~~~\n\nTODO: Change to hashes?\n\nExample::\n\n {% load csp %}\n \n\n\nConfig Values\n-------------\n\nCSP_REPORT_URL = \"\"\nThe URl CSP errors should be reportet to, set to \"\" if not used, or do not define it.\n\nCSP_REPORT_ONLY = True\nSet the header to just report CSP errors do not enforce the CSP. Defaults to True.\n\nCSP_ADDITIONAL_SCRIPT_SRC = []\nList of additional hosts javascript is allowed to be loaded from\n\nCSP_ADDITIONAL_STYLE_SRC = []\nList of additional hosts CSS is allowed to be loaded from\n\nCSP_ADDITIONAL_IMG_SRC = []\nList of additional hosts images is allowed to be loaded from\n\n\n", "description_content_type": null, "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/fsinfuhh/django-simple-csp", "keywords": "", "license": "License :: OSI Approved :: MIT License", "maintainer": "", "maintainer_email": "", "name": "django-simple-csp", "package_url": "https://pypi.org/project/django-simple-csp/", "platform": "", "project_url": "https://pypi.org/project/django-simple-csp/", "project_urls": { "Homepage": "https://github.com/fsinfuhh/django-simple-csp" }, "release_url": "https://pypi.org/project/django-simple-csp/0.2.dev1/", "requires_dist": [ "Django (>=1.11)" ], "requires_python": "", "summary": "Django Content Security Policy support.", "version": "0.2.dev1" }, "last_serial": 3309447, "releases": { "0.1.dev1": [ { "comment_text": "", "digests": { "md5": "026f99ea83b98411b72655e0ae7fd087", "sha256": "8d7a8af39fac8f2989ac6a7dc7b2d01401e4cb54845eb516bf0fa3843aaaa7ee" }, "downloads": -1, "filename": "django_simple_csp-0.1.dev1-py3-none-any.whl", "has_sig": true, "md5_digest": "026f99ea83b98411b72655e0ae7fd087", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 5135, "upload_time": "2017-08-25T18:03:57", "url": "https://files.pythonhosted.org/packages/cc/c8/586a0a5cd654cfd7011dd876cd23178aba38fccfb7146659e42c2e1104dc/django_simple_csp-0.1.dev1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "95d05dc1910dadc242040187f0022134", "sha256": "425c71d47b79f75294807b00f029a49aac8af8404b534c4f5e79f2a8a7840b1a" }, "downloads": -1, "filename": "django-simple-csp-0.1.dev1.tar.gz", "has_sig": true, "md5_digest": "95d05dc1910dadc242040187f0022134", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3033, "upload_time": "2017-08-25T18:04:00", "url": "https://files.pythonhosted.org/packages/0a/24/068c3ab9c0bcaded037d081d4db226bd7729b0f2b160e457fd79c6ac339f/django-simple-csp-0.1.dev1.tar.gz" } ], "0.1.dev2": [ { "comment_text": "", "digests": { "md5": "7996345f2f592d6f8a8567f9d2a4d900", "sha256": "144fe12e07ba2acda916533df9eb8c323f2e1494484f4d29227709a4d7e1df31" }, "downloads": -1, "filename": "django_simple_csp-0.1.dev2-py3-none-any.whl", "has_sig": true, "md5_digest": "7996345f2f592d6f8a8567f9d2a4d900", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 9212, "upload_time": "2017-09-08T09:33:02", "url": "https://files.pythonhosted.org/packages/3c/50/bbc4422cdf49501de7b0e00084b1910f5b5094a3c98c09f52292dc0c77d5/django_simple_csp-0.1.dev2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "4cff07fa7e5b62831d9ddbc6fada8289", "sha256": "b825ae1e101bb60a882429f5696d647e768b4cb7c8f0991ef6bb83ba598f26dc" }, "downloads": -1, "filename": "django-simple-csp-0.1.dev2.tar.gz", "has_sig": true, "md5_digest": "4cff07fa7e5b62831d9ddbc6fada8289", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3313, "upload_time": "2017-09-08T09:33:04", "url": "https://files.pythonhosted.org/packages/de/39/395bb0ee28ce3cd7e18521afae4dd8b689ab0de26b9279326eebb53de15c/django-simple-csp-0.1.dev2.tar.gz" } ], "0.2.dev1": [ { "comment_text": "", "digests": { "md5": "0551491527cf025d91a6c9cade56c32d", "sha256": "80f4e2ab77f0ce65da54e278d0b596e1881bf9d7c0f2654bc699ff89d2df8251" }, "downloads": -1, "filename": "django_simple_csp-0.2.dev1-py3-none-any.whl", "has_sig": true, "md5_digest": "0551491527cf025d91a6c9cade56c32d", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 9507, "upload_time": "2017-11-06T13:52:00", "url": "https://files.pythonhosted.org/packages/e8/a8/edb30baba400d9a16b37d64df990b27cfff85d8cc0e342b0add8c6ec4993/django_simple_csp-0.2.dev1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "124956a6b7272a2fde3b301c87294135", "sha256": "efbabff79de751b4aac99be2557867edf9cf07d7ccbb305e7701f650ac348df1" }, "downloads": -1, "filename": "django-simple-csp-0.2.dev1.tar.gz", "has_sig": true, "md5_digest": "124956a6b7272a2fde3b301c87294135", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3492, "upload_time": "2017-11-06T13:52:01", "url": "https://files.pythonhosted.org/packages/27/52/b6a8c7647546376ec27c6f989bbf381ab6cc6b10a3a52c69d82c9bdda984/django-simple-csp-0.2.dev1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "0551491527cf025d91a6c9cade56c32d", "sha256": "80f4e2ab77f0ce65da54e278d0b596e1881bf9d7c0f2654bc699ff89d2df8251" }, "downloads": -1, "filename": "django_simple_csp-0.2.dev1-py3-none-any.whl", "has_sig": true, "md5_digest": "0551491527cf025d91a6c9cade56c32d", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 9507, "upload_time": "2017-11-06T13:52:00", "url": "https://files.pythonhosted.org/packages/e8/a8/edb30baba400d9a16b37d64df990b27cfff85d8cc0e342b0add8c6ec4993/django_simple_csp-0.2.dev1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "124956a6b7272a2fde3b301c87294135", "sha256": "efbabff79de751b4aac99be2557867edf9cf07d7ccbb305e7701f650ac348df1" }, "downloads": -1, "filename": "django-simple-csp-0.2.dev1.tar.gz", "has_sig": true, "md5_digest": "124956a6b7272a2fde3b301c87294135", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3492, "upload_time": "2017-11-06T13:52:01", "url": "https://files.pythonhosted.org/packages/27/52/b6a8c7647546376ec27c6f989bbf381ab6cc6b10a3a52c69d82c9bdda984/django-simple-csp-0.2.dev1.tar.gz" } ] }