bundle.website.core.security
============================

.. py:module:: bundle.website.core.security

.. autoapi-nested-parse::

   Security policies and middleware for website HTTP responses.



Attributes
----------

.. autoapisummary::

   bundle.website.core.security.DEFAULT_CSP
   bundle.website.core.security.EXCALIDRAW_CSP


Classes
-------

.. autoapisummary::

   bundle.website.core.security.SecurityHeadersMiddleware


Module Contents
---------------

.. py:data:: DEFAULT_CSP
   :value: ''


.. py:data:: EXCALIDRAW_CSP
   :value: ''


.. py:class:: SecurityHeadersMiddleware

   Bases: :py:obj:`starlette.middleware.base.BaseHTTPMiddleware`


   Apply per-route CSP to keep pages isolated and avoid script leakage.


   .. py:method:: dispatch(request, call_next)
      :async:


      Attach CSP and baseline security headers to each response.