From 0d3b41272fbb1bd589108faa892490139b9de684 Mon Sep 17 00:00:00 2001 From: Thomas Sileo Date: Fri, 15 Jul 2022 20:16:02 +0200 Subject: [PATCH] More template fixes --- app/main.py | 6 +++--- app/templates/header.html | 3 ++- app/templates/utils.html | 2 +- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/app/main.py b/app/main.py index 5157ed7..9b6502d 100644 --- a/app/main.py +++ b/app/main.py @@ -128,9 +128,9 @@ class CustomMiddleware: headers["x-xss-protection"] = "1; mode=block" headers["x-frame-options"] = "SAMEORIGIN" # TODO(ts): disallow inline CSS? - headers["content-security-policy"] = ( - "default-src 'self'" + " style-src 'self' 'unsafe-inline';" - ) + headers[ + "content-security-policy" + ] = "default-src 'self' style-src 'unsafe-inline';" if not DEBUG: headers[ "strict-transport-security" diff --git a/app/templates/header.html b/app/templates/header.html index a7e4988..786b830 100644 --- a/app/templates/header.html +++ b/app/templates/header.html @@ -18,7 +18,7 @@ {{ text }} {% endmacro %} -
+
+
diff --git a/app/templates/utils.html b/app/templates/utils.html index cd9cd73..5c4602d 100644 --- a/app/templates/utils.html +++ b/app/templates/utils.html @@ -272,7 +272,7 @@
permalink
  • - +
  • {% if is_admin %}