duck.csp

Content-Security utility module.

Module Contents

Functions

csp_nonce

Returns the current nonce token for the strict Content-Security-Policy.

refresh_nonce

Refreshes and returns a newly generated nonce value.

Data

csp_nonce_flag

API

duck.csp.csp_nonce(request, add_nonce_prefix: bool = False) str[source]

Returns the current nonce token for the strict Content-Security-Policy.

Parameters:

  • request – The target HTTP request.

  • add_nonce_prefix – Whether to add the prefix nonce- to the nonce value.

duck.csp.csp_nonce_flag

‘requires-csp-nonce’

duck.csp.refresh_nonce(request) str[source]

Refreshes and returns a newly generated nonce value.