# This file contains Content Security Policy (CSP) directives to test Wagtail's compatibility with CSP.
# If the variables defined here are loaded into the environment, CSP will be enabled.

# These values are commented out by default because Wagtail is not (yet) compatible with
# the strict policy defined below.

# Careful about the quoting of directives! It is easy to break.
# CSP_DEFAULT_SRC="'self'"

# Enable this rule to allow font awesome to load from CDN
# CSP_FONT_SRC="'self', https://cdnjs.cloudflare.com"