[ckan-dev] Content Security Policy for CKAN

Cam Findlay cam at camfindlay.com
Wed Oct 4 21:51:32 UTC 2017


Hi there,

Has any one implemented or have a good config for a CSP that plays nice
with CKAN - I've been going through the process of running one in report
only mode. Seems CKAN is a complex beast with resources loading from many
places, some inline js/styles etc etc

I still haven't cracked it as yet but thought I'd ask if anyone has had
similar fun putting one together for a production CKAN install that has
worked well (without totally breaking things for legit users) that they
might be able to share.

Be great to hear some thoughts on this.


Many thanks,

Cam.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20171005/40b53773/attachment-0002.html>


More information about the ckan-dev mailing list