Skip to content

Commit

Permalink
fix: swagger UI CSP error (apache#25368)
Browse files Browse the repository at this point in the history
  • Loading branch information
dpgaspar authored Sep 27, 2023
1 parent a4d8f36 commit 1716b9f
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion requirements/base.txt
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ flask==2.2.5
# flask-migrate
# flask-sqlalchemy
# flask-wtf
flask-appbuilder==4.3.6
flask-appbuilder==4.3.7
# via apache-superset
flask-babel==1.0.0
# via flask-appbuilder
Expand Down
2 changes: 1 addition & 1 deletion setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ def get_git_sha() -> str:
"cryptography>=41.0.2, <41.1.0",
"deprecation>=2.1.0, <2.2.0",
"flask>=2.2.5, <3.0.0",
"flask-appbuilder>=4.3.6, <5.0.0",
"flask-appbuilder>=4.3.7, <5.0.0",
"flask-caching>=1.11.1, <2.0",
"flask-compress>=1.13, <2.0",
"flask-talisman>=1.0.0, <2.0",
Expand Down
4 changes: 2 additions & 2 deletions superset/config.py
Original file line number Diff line number Diff line change
Expand Up @@ -1429,7 +1429,7 @@ def EMAIL_HEADER_MUTATOR( # pylint: disable=invalid-name,unused-argument
"style-src": ["'self'", "'unsafe-inline'"],
"script-src": ["'self'", "'strict-dynamic'"],
},
"content_security_policy_nonce_in": ["script-src"],
"content_security_policy_nonce_in": ["script-src", "style-src"],
"force_https": False,
}
# React requires `eval` to work correctly in dev mode
Expand All @@ -1447,7 +1447,7 @@ def EMAIL_HEADER_MUTATOR( # pylint: disable=invalid-name,unused-argument
"style-src": ["'self'", "'unsafe-inline'"],
"script-src": ["'self'", "'unsafe-inline'", "'unsafe-eval'"],
},
"content_security_policy_nonce_in": ["script-src"],
"content_security_policy_nonce_in": ["script-src", "style-src"],
"force_https": False,
}

Expand Down

0 comments on commit 1716b9f

Please sign in to comment.