You want to configure Flask-Talisman to add a Content-Security-Policy that only allows scripts from your own domain and trusted.com. Which code snippet correctly sets this?

hard📝 Application Q8 of 15

Flask - Security Best Practices

ATalisman(app, content_security_policy="script-src 'self' trusted.com")

BTalisman(app, content_security_policy={"script-src": ["'self'", "trusted.com"]})

CTalisman(app, content_security_policy={"script-src": "'self' trusted.com"})

DTalisman(app, content_security_policy={"script-src": ["self", "trusted.com"]})

Step-by-Step Solution

Solution:

Step 1: Understand Talisman content_security_policy format
It expects a dictionary with directives as keys and lists of sources as values.
Step 2: Check correct syntax for script-src
Sources must be strings with quotes for 'self', so ["'self'", "trusted.com"] is correct.
Final Answer:
Talisman(app, content_security_policy={"script-src": ["'self'", "trusted.com"]}) -> Option B
Quick Check:
Use dict with list of quoted sources for CSP in Talisman [OK]

Quick Trick: CSP in Talisman uses dict with list of quoted sources [OK]

Common Mistakes:

MISTAKES

Passing CSP as string
Omitting quotes around 'self'
Using unquoted self without quotes

Master "Security Best Practices" in Flask

9 interactive learning modes - each teaches the same concept differently

Learn Why Deep Visual Try Challenge Project Recall Perf

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions

More Flask Quizzes

You want to configure Flask-Talisman to add a Content-Security-Policy that only allows scripts from your own domain and trusted.com. Which code snippet correctly sets this?

Step 1: Understand Talisman content_security_policy format

Step 2: Check correct syntax for script-src

Final Answer:

Quick Check:

Want More Practice?