iop
/
superset
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: swagger UI CSP error (#25368)

This commit is contained in:
Daniel Vaz Gaspar 2023-09-27 08:55:29 +01:00 committed by GitHub
parent a4d8f36863
commit 1716b9f8f6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
requirements/base.txt
View File

@ -96,7 +96,7 @@ flask==2.2.5
# flask-migrate
# flask-sqlalchemy
# flask-wtf
flask-appbuilder==4.3.6
flask-appbuilder==4.3.7
# via apache-superset
flask-babel==1.0.0
# via flask-appbuilder

2
setup.py
View File

@ -84,7 +84,7 @@ setup(
"cryptography>=41.0.2, <41.1.0",
"deprecation>=2.1.0, <2.2.0",
"flask>=2.2.5, <3.0.0",
"flask-appbuilder>=4.3.6, <5.0.0",
"flask-appbuilder>=4.3.7, <5.0.0",
"flask-caching>=1.11.1, <2.0",
"flask-compress>=1.13, <2.0",
"flask-talisman>=1.0.0, <2.0",

4
superset/config.py
View File

@ -1429,7 +1429,7 @@ TALISMAN_CONFIG = {
"style-src": ["'self'", "'unsafe-inline'"],
"script-src": ["'self'", "'strict-dynamic'"],
},
"content_security_policy_nonce_in": ["script-src"],
"content_security_policy_nonce_in": ["script-src", "style-src"],
"force_https": False,
}
# React requires `eval` to work correctly in dev mode
@ -1447,7 +1447,7 @@ TALISMAN_DEV_CONFIG = {
"style-src": ["'self'", "'unsafe-inline'"],
"script-src": ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
},
"content_security_policy_nonce_in": ["script-src"],
"content_security_policy_nonce_in": ["script-src", "style-src"],
"force_https": False,
}