Added support for secure cookies and django-csp

2023-02-01 12:59:10 -08:00 · 2023-02-01 12:59:10 -08:00 · 36605efd20
commit 36605efd20
parent 006ff697b9
17 changed files with 28 additions and 15 deletions
--- a/bookwyrm/views/admin/dashboard.py
+++ b/bookwyrm/views/admin/dashboard.py
@ -12,6 +12,8 @@ from django.utils import timezone
 from django.utils.decorators import method_decorator
 from django.views import View

+from csp.decorators import csp_update
+
 from bookwyrm import models, settings
 from bookwyrm.connectors.abstract_connector import get_data
 from bookwyrm.connectors.connector_manager import ConnectorException
@ -27,6 +29,7 @@ from bookwyrm.utils import regex
 class Dashboard(View):
    """admin overview"""

+    @csp_update(SCRIPT_SRC='https://cdn.jsdelivr.net/npm/chart.js@3.5.1/dist/chart.min.js')
    def get(self, request):
        """list of users"""
        data = get_charts_and_stats(request)