From 1e18523639c1af07eb37b143c1f2bfa352170727 Mon Sep 17 00:00:00 2001
From: Daniel Grams <grams.daniel@gmail.com>
Date: Wed, 19 Apr 2023 20:04:36 +0200
Subject: [PATCH 1/2] Fix Referrer-Policy #443

---
 project/jsonld.py   | 3 +--
 project/requests.py | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/project/jsonld.py b/project/jsonld.py
index 03d7913..0ea6f43 100644
--- a/project/jsonld.py
+++ b/project/jsonld.py
@@ -16,8 +16,7 @@ class CustomJsonProvider(DefaultJSONProvider):
         elif isinstance(obj, datetime.date):
             return obj.isoformat()
 
-        # pragma: no cover
-        return super(CustomJsonProvider, CustomJsonProvider).default(obj)
+        return super(CustomJsonProvider, CustomJsonProvider).default(obj)  # pragma: no cover
 
 
 def get_sd_for_admin_unit(admin_unit):
diff --git a/project/requests.py b/project/requests.py
index 97712fa..adaa48a 100644
--- a/project/requests.py
+++ b/project/requests.py
@@ -33,5 +33,5 @@ def set_response_headers(response):
     response.headers["Referrer-Policy"] = "strict-origin-when-cross-origin"
     response.headers[
         "Content-Security-Policy"
-    ] = "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' data: *.openstreetmap.org;"
+    ] = "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' blob: data: *.openstreetmap.org;"
     return response

From fefa8ca07772bcb871718f11c819fda0bee17be8 Mon Sep 17 00:00:00 2001
From: Daniel Grams <grams.daniel@gmail.com>
Date: Wed, 19 Apr 2023 20:14:56 +0200
Subject: [PATCH 2/2] Fix Referrer-Policy #443

---
 project/jsonld.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/project/jsonld.py b/project/jsonld.py
index 0ea6f43..af8d238 100644
--- a/project/jsonld.py
+++ b/project/jsonld.py
@@ -16,7 +16,9 @@ class CustomJsonProvider(DefaultJSONProvider):
         elif isinstance(obj, datetime.date):
             return obj.isoformat()
 
-        return super(CustomJsonProvider, CustomJsonProvider).default(obj)  # pragma: no cover
+        return super(CustomJsonProvider, CustomJsonProvider).default(
+            obj
+        )  # pragma: no cover
 
 
 def get_sd_for_admin_unit(admin_unit):