Skip to content

Instantly share code, notes, and snippets.

@ndmanvar

ndmanvar/server_csp.py

Created February 14, 2018 23:00
Show Gist options
  • Save ndmanvar/6a0a8aec579947f7269dbf02533cc866 to your computer and use it in GitHub Desktop.
Save ndmanvar/6a0a8aec579947f7269dbf02533cc866 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
server_csp.py
#!/usr/bin/env python
import SimpleHTTPServer
class MyHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def end_headers(self):
self.send_my_headers()
SimpleHTTPServer.SimpleHTTPRequestHandler.end_headers(self)
def send_my_headers(self):
self.send_header("Access-Control-Allow-Origin", "*")
self.send_header("Content-Security-Policy",
"default-src *; "
"script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.example.com cdn.ravenjs.com; "
"style-src 'self' 'unsafe-inline' cdn.example.com; "
"img-src * data:; "
"report-uri https://sentry.io/api/288413/csp-report/?sentry_key=8fe74c6f5ea546ac9fc4ca1527c08bde")
if __name__ == '__main__':
SimpleHTTPServer.test(HandlerClass=MyHTTPRequestHandler)
@ndmanvar
Copy link
Author

foo.html:

<!DOCTYPE html>
<html>
<body>
    <h1>My First Heading</h1>
    <p>My first paragraph.</p>
    <script src="https://example.com" crossorigin="anonymous"></script>
</body>
</html>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment