Add CSP security header for swagger page (!558) · Merge requests · OSDU / OSDU Data Platform / Security and Compliance / Policy

Vasyl Leskiv [SLB] requested to merge vl/fastapi-swagger-mdw into master Jan 24, 2025

add CSP security header to allow fetching additional resources for swagger page from CDN (cdn.jsdelivr.net ). The problem is that by default FastAPI provides CSP header that doesn't allow additional content to be loaded from other than the original server (policy service). There is a discussion on FastAPI github regarding this https://github.com/tiangolo/fastapi/discussions/8548 where we also found a solution

Add CSP security header for swagger page

Merge request reports