#37084: Add system check for CSP nonce policy without csp context processor
-------------------------------------+-------------------------------------
Reporter: Rob Hudson | Owner: Milad
| Zarour
Type: New feature | Status: assigned
Component: Core (System | Version: 6.0
checks) |
Severity: Normal | Resolution:
Keywords: csp nonce | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Milad Zarour):
* needs_better_patch: 1 => 0
Comment:
Updated PR 21230 to address review comments:
- Handle iterable CSP directive values, including frozenset.
- Allow django.template.context_processors.csp on any template backend
with context_processors configured.
- Moved the release note under the CSP section.
Tests:
- python tests/runtests.py check_framework.test_security
- Ran 76 tests successfully, with 1 skipped.
--
Ticket URL: <https://code.djangoproject.com/ticket/37084#comment:5>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/0107019dfec7c19c-5722a5e3-af64-4955-af86-d94a8fc59056-000000%40eu-central-1.amazonses.com.
