Skip to content

Commit

Permalink
Update CSP info
Browse files Browse the repository at this point in the history
  • Loading branch information
ahosgood committed Aug 13, 2024
1 parent 7cadaab commit e639f0d
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions docs/technology/standards/security.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,13 @@ When using Flask, use the [flask-talisman](https://github.com/GoogleCloudPlatfor

When using Django, use the [django-csp](https://github.com/mozilla/django-csp) extension to handle your CSP.

### CSP for TNA Frontend

When using TNA Frontend with the [application templates](../../resources/application-templates.md), the following CSP must be set as a minimum:

- `CSP_STYLE_SRC_ELEM='self',fonts.googleapis.com,p.typekit.net,use.typekit.net`
- `CSP_FONT_SRC='self',fonts.gstatic.com,use.typekit.net`

## Environment variables

[TODO]

0 comments on commit e639f0d

Please sign in to comment.