
Security: Implement native Django 6.0 Content Security Policy #476

Closed
vishalpatil-45 wants to merge 1 commit into aboutcode-org:main from vishalpatil-45:feat/django6-csp-security

@vishalpatil-45

- Integrated ContentSecurityPolicyMiddleware into settings.
- Configured SECURE_CSP using Django 6.0 utilities for SELF and NONCE.
- Added csp_nonce to base templates for inline script compatibility.
- Enabled SECURE_CSP_REPORT_ONLY for initial policy auditing.
- Fixes aboutcode-org#468

Signed-off-by: vishalpatil-45 <vishalvpatil45@gmail.com>

vishalpatil-45 force-pushed the feat/django6-csp-security branch from 5956493 to 0c06349 on February 15, 2026 20:34
tdruez closed this on Feb 15, 2026
tdruez reopened this on Feb 15, 2026
tdruez closed this on Feb 15, 2026
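
A way to audit a response while a nonce-based policy like the one described in the commit message runs in report-only mode, added here as an example and not code from this pull request or the project. It checks which CSP header is sent and whether every inline `<script>` carries the nonce the header allows; the function names and the sample response are constructed for illustration.

```python
import re
from html.parser import HTMLParser

ENFORCE, REPORT_ONLY = "content-security-policy", "content-security-policy-report-only"
NONCE_SOURCE = re.compile(r"'nonce-([A-Za-z0-9+/_-]+={0,2})'")

def parse_policy(value):
    """Split a CSP header value into {directive: [source, ...]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            # A directive repeated later in the same policy is ignored.
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

class InlineScripts(HTMLParser):
    """Record the nonce attribute (or None) of each inline <script>."""
    def __init__(self):
        super().__init__()
        self.nonces = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and "src" not in attrs:
            self.nonces.append(attrs.get("nonce"))

def audit(headers, body):
    """Return findings for one response; an empty list means clean."""
    headers = {name.lower(): value for name, value in headers.items()}
    mode = next((h for h in (ENFORCE, REPORT_ONLY) if h in headers), None)
    if mode is None:
        return ["no CSP header"]
    findings = ["report-only: violations are logged, not blocked"] if mode == REPORT_ONLY else []
    policy = parse_policy(headers[mode])
    # script-src falls back to default-src when it is not set.
    sources = policy.get("script-src", policy.get("default-src", []))
    allowed = {m.group(1) for m in map(NONCE_SOURCE.fullmatch, sources) if m}
    if not allowed:
        findings.append("script policy has no nonce source")
    scripts = InlineScripts()
    scripts.feed(body)
    for position, nonce in enumerate(scripts.nonces, start=1):
        if nonce not in allowed:
            findings.append(f"inline script {position} lacks the response nonce")
    return findings

# Constructed sample response (not captured from the project).
SAMPLE_HEADERS = {"Content-Security-Policy-Report-Only": "default-src 'self'; script-src 'self' 'nonce-Q29uc3RydWN0ZWQ'"}
SAMPLE_BODY = '<script nonce="Q29uc3RydWN0ZWQ">init()</script><script>legacy()</script>'
```

An inline script flagged here is one the browser would block once the same policy is sent in the enforcing header.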
Successfully merging this pull request may close these issues.

Enhancement request: Implement Content Security Policy leveraging Django 6.0 support