From 86ab2d48368b8c673f17fdda3af38f42aa4d2e24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felix=20Sch=C3=A4fer?= <felix@thegcat.net>
Date: Sun, 23 Jun 2019 01:20:56 +0200
Subject: [PATCH] Only add gravatar URLs to CSP where needed

---
 pretix_public_registrations/signals.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pretix_public_registrations/signals.py b/pretix_public_registrations/signals.py
index 6643841..7a4d7ca 100644
--- a/pretix_public_registrations/signals.py
+++ b/pretix_public_registrations/signals.py
@@ -55,6 +55,7 @@ def add_public_registrations_table(sender, **kwargs):
 
 
 @receiver(signal=process_response, dispatch_uid="public_registragions_csp_headers")
-def add_public_registrations_csp_headers(sender, response=None, **kwargs):
-    response['Content-Security-Policy'] = "img-src https://secure.gravatar.com"
+def add_public_registrations_csp_headers(sender, request=None, response=None, **kwargs):
+    if "event.index" in resolve(request.path_info).url_name:
+        response['Content-Security-Policy'] = "img-src https://secure.gravatar.com"
     return response
-- 
GitLab