Django-CSP
  • Installing django-csp
  • Configuring django-csp
  • django-csp 4.0 Migration Guide
  • Modifying the Policy with Decorators
  • Using the generated CSP nonce
  • Implementing Trusted Types with CSP
  • CSP Violation Reports
  • Contributing
Django-CSP
  • django-csp
  • View page source

django-csp

django-csp adds Content-Security-Policy headers to Django applications.

Version:

4.0

Code:

https://github.com/mozilla/django-csp

License:

BSD; see LICENSE file

Issues:

https://github.com/mozilla/django-csp/issues

Contents:

  • Installing django-csp
  • Configuring django-csp
    • Migrating from django-csp <= 3.8
    • Configuration
    • Policy Settings
  • django-csp 4.0 Migration Guide
    • Overview
    • Migrating from the Old Settings Format
    • Migrating Custom Middleware
    • Conclusion
  • Modifying the Policy with Decorators
    • @csp_exempt
    • @csp_update
    • @csp_replace
    • @csp
  • Using the generated CSP nonce
    • Middleware
    • Context Processor
    • Django Template Tag/Jinja Extension
  • Implementing Trusted Types with CSP
    • DOM Cross-site Scripting
    • Step 1: Enable Trusted Types and Report Only Mode
    • Step 2: Fixing Trusted Types Violations
    • Step 3: Enforce Trusted Types
  • CSP Violation Reports
    • Throttling the number of reports
  • Contributing
    • Setup
    • Style
    • Tests
    • Type Checking
    • Updating Documentation
Next

© Copyright 2016-2025 Mozilla.

Built with Sphinx using a theme provided by Read the Docs.