From 6fb59d1ba004002802d636504a74946006f211db Mon Sep 17 00:00:00 2001 From: vincent porte Date: Tue, 26 Sep 2023 12:07:20 +0200 Subject: [PATCH] [CSP] explicit cdn.jsdeliver authorizations --- config/settings/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/settings/base.py b/config/settings/base.py index f6d6bd6d4..ce834fa0d 100644 --- a/config/settings/base.py +++ b/config/settings/base.py @@ -360,7 +360,7 @@ CSP_FONT_SRC = ("'self'", "https://fonts.gstatic.com/", "data:") CSP_SCRIPT_SRC = ( "'self'", - "https://cdn.jsdelivr.net/npm/chart.js", + "https://cdn.jsdelivr.net/npm/chart.js@4.0.1", "https://cdn.jsdelivr.net/npm/jquery@3.6.1/dist/jquery.min.js", "https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.8/dist/umd/popper.min.js", "https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.min.js",