mirror of
				https://github.com/django/django.git
				synced 2025-10-25 06:36:07 +00:00 
			
		
		
		
	This initial work adds a pair of settings to configure specific CSP directives for enforcing or reporting policy violations, a new `django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the appropriate headers to responses, and a context processor to support CSP nonces in templates for safely inlining assets. Relevant documentation has been added for the 6.0 release notes, security overview, a new how-to page, and a dedicated reference section. Thanks to the multiple reviewers for their precise and valuable feedback. Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
		
			
				
	
	
		
			20 lines
		
	
	
		
			507 B
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			20 lines
		
	
	
		
			507 B
		
	
	
	
		
			Python
		
	
	
	
	
	
| from django.shortcuts import render
 | |
| 
 | |
| from .models import DebugObject
 | |
| 
 | |
| 
 | |
| def request_processor(request):
 | |
|     return render(request, "context_processors/request_attrs.html")
 | |
| 
 | |
| 
 | |
| def debug_processor(request):
 | |
|     context = {
 | |
|         "debug_objects": DebugObject.objects,
 | |
|         "other_debug_objects": DebugObject.objects.using("other"),
 | |
|     }
 | |
|     return render(request, "context_processors/debug.html", context)
 | |
| 
 | |
| 
 | |
| def csp_nonce_processor(request):
 | |
|     return render(request, "context_processors/csp_nonce.html")
 |