Skip to content

Commit cf5dc33

Browse files
mikethemanmiketheman
authored
fix: add fonts directive to csp for fundraiser (#19167)
Refs: #19120 Signed-off-by: Mike Fiedler <miketheman@gmail.com>
1 parent fb307f1 commit cf5dc33

File tree

2 files changed

+8
-2
lines changed

2 files changed

+8
-2
lines changed

tests/unit/test_csp.py

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -249,7 +249,11 @@ def test_includeme():
249249
"https://2p66nmmycsj3.statuspage.io",
250250
],
251251
"default-src": ["'none'"],
252-
"font-src": ["'self'", "fonts.gstatic.com"],
252+
"font-src": [
253+
"'self'",
254+
"fonts.gstatic.com",
255+
"https://fonts.cdnfonts.com",
256+
],
253257
"form-action": [
254258
"'self'",
255259
"https://checkout.stripe.com",
@@ -280,6 +284,7 @@ def test_includeme():
280284
"fonts.googleapis.com",
281285
"*.ethicalads.io",
282286
"donate.python.org",
287+
"https://fonts.cdnfonts.com",
283288
"'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM='",
284289
"'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='",
285290
"'sha256-JLEjeN9e5dGsz5475WyRaoA4eQOdNPxDIeUhclnJDCE='",

warehouse/csp.py

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -155,7 +155,7 @@ def includeme(config):
155155
"base-uri": [SELF],
156156
"connect-src": _connect_src_settings(config),
157157
"default-src": [NONE],
158-
"font-src": [SELF, "fonts.gstatic.com"],
158+
"font-src": [SELF, "fonts.gstatic.com", "https://fonts.cdnfonts.com"],
159159
"form-action": [
160160
SELF,
161161
"https://checkout.stripe.com",
@@ -176,6 +176,7 @@ def includeme(config):
176176
"fonts.googleapis.com",
177177
"*.ethicalads.io",
178178
"donate.python.org",
179+
"https://fonts.cdnfonts.com",
179180
# Hashes for inline styles generated by v1.4.0 of ethicalads.min.js
180181
"'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM='",
181182
"'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='",

0 commit comments

Comments
 (0)