From f8cde7136d6fd93d83e1586e6e11d461602a23de Mon Sep 17 00:00:00 2001
From: W13R <9070224-W13R@users.noreply.gitlab.com>
Date: Sun, 15 May 2022 11:24:04 +0200
Subject: [PATCH] Remove DjangoCSP dependency by writing own middleware for the
 CSP header

---
 application/app/middleware.py          | 11 +++++++++++
 application/drinks_manager/settings.py |  2 +-
 pip-dependencies.txt                   |  1 -
 3 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100644 application/app/middleware.py

diff --git a/application/app/middleware.py b/application/app/middleware.py
new file mode 100644
index 0000000..43acf6c
--- /dev/null
+++ b/application/app/middleware.py
@@ -0,0 +1,11 @@
+
+# Define CSP middleware:
+
+def csp_middleware(get_response):
+
+    def middleware(request):
+        response = get_response(request)
+        response["content-security-policy"] = "default-src 'self'"
+        return response
+
+    return middleware
diff --git a/application/drinks_manager/settings.py b/application/drinks_manager/settings.py
index 2a6674d..6dc0a14 100644
--- a/application/drinks_manager/settings.py
+++ b/application/drinks_manager/settings.py
@@ -67,7 +67,7 @@ MIDDLEWARE = [
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     "django_currentuser.middleware.ThreadLocalUserMiddleware",
-    "csp.middleware.CSPMiddleware"
+    "app.middleware.csp_middleware"
 ]
 
 ROOT_URLCONF = 'drinks_manager.urls'
diff --git a/pip-dependencies.txt b/pip-dependencies.txt
index 3107a0b..da50c9d 100644
--- a/pip-dependencies.txt
+++ b/pip-dependencies.txt
@@ -1,5 +1,4 @@
 django~=3.2.7
 django-currentuser==0.5.3
-django-csp==3.7
 psycopg2~=2.9.1
 uvicorn~=0.17.6