Hi, I just started using flask-talisman for enforcing HTTPS on my site, but now I'm eager to take advantage of CSP. A couple of questions about CSP reporting:
Regarding content_security_policy_report_uri, MDN says that it's deprecated despite being widely supported, in favor of report-to which isn't even supported anywhere. Is this considered a stable/supported feature of flask-talisman?
Assuming I set up a report-uri directive, I'm not sure what to do with it on the server side. Could you add a demo to the example app showing how to ingest CSP reports and do something useful with them, like logging to Stackdriver, etc?
Do you have any plans to provide a default built-in CSP report handler?
Hi @rviscomi. Any features or enhancements here would have to be done by volunteers. I'm happy to help review and guide, but I won't be personally adding any major new features.
If you're up for taking this on, go for it! Otherwise, I'll leave this here in case others want to take it on.
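An added example for the server-side question raised in this issue, not code from flask-talisman or its example app: a standard-library parser that accepts both the legacy `report-uri` body and the Reporting API (`report-to`) body, and sanitizes the fields before logging them. The logger name, size cap, route path and function names are assumptions.

```python
import json
import logging

log = logging.getLogger("csp")
MAX_BODY = 16 * 1024  # reports are unauthenticated input, so cap the size

# Output field -> candidate source keys, per report format.
LEGACY = {"document": ("document-uri",), "blocked": ("blocked-uri",),
          "directive": ("effective-directive", "violated-directive")}
MODERN = {"document": ("documentURL",), "blocked": ("blockedURL",),
          "directive": ("effectiveDirective",)}

def _clean(value, limit=512):
    """Stringify, drop non-printable characters (log forging), truncate."""
    return "".join(ch for ch in str(value) if ch.isprintable())[:limit]

def parse_csp_reports(content_type, raw):
    """Return normalized violation dicts, or [] if the body is unusable."""
    if len(raw) > MAX_BODY:
        return []
    try:
        data = json.loads(raw)
    except (ValueError, RecursionError):  # bad JSON, bad UTF-8, deep nesting
        return []
    media = content_type.split(";")[0].strip().lower()
    if media == "application/csp-report" and isinstance(data, dict):
        bodies = [(data.get("csp-report"), LEGACY)]  # sent for report-uri
    elif media == "application/reports+json" and isinstance(data, list):
        bodies = [(r.get("body"), MODERN) for r in data  # sent for report-to
                  if isinstance(r, dict) and r.get("type") == "csp-violation"]
    else:
        return []
    return [{out: _clean(next((b[k] for k in keys if b.get(k)), ""))
             for out, keys in names.items()}
            for b, names in bodies if isinstance(b, dict)]

def handle_report(content_type, raw):
    """Log each violation and return the HTTP status for the response."""
    reports = parse_csp_reports(content_type, raw)
    for r in reports:
        log.warning("csp violation directive=%s blocked=%s document=%s",
                    r["directive"], r["blocked"], r["document"])
    return 204 if reports else 400

# Flask wiring (the route path is an assumption):
#   @app.route("/csp-report", methods=["POST"])
#   def csp_report():
#       return "", handle_report(request.content_type or "", request.get_data())
```

The same path would be passed to flask-talisman as `content_security_policy_report_uri`; anyone can POST to the endpoint, so treat every field as untrusted and rate-limit it like any other public route.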