duck.csp

Content-Security utility module.

Module Contents

Functions

csp_nonce	Returns the current nonce token for the strict Content-Security-Policy.
refresh_nonce	Refreshes and returns a newly generated nonce value.

Data

csp_nonce_flag

API

duck.csp.csp_nonce(request, add_nonce_prefix: bool = False) → str

Returns the current nonce token for the strict Content-Security-Policy.

Parameters:

• request – The target HTTP request.

• add_nonce_prefix – Whether to add the prefix nonce- to the nonce value.

duck.csp.csp_nonce_flag

‘requires-csp-nonce’

duck.csp.refresh_nonce(request) → str

Refreshes and returns a newly generated nonce value.