Skip to main content

HTTP security headers for Flask. (UNOFFICIAL, UNSUPPORTED FORK)

Project description


A fork of Flask-Talisman with certain changes to better fit my backend server.


Because the license requires this, I will put the change log here:

  • Removed files:
    • .travis.yml
    • README.rst - replaced with this file (
  • Removed the example app
  • Dropped Python 2 support
  • Added Gitpod configuration and Dockerfile
  • Cleaned up
  • Option referrer_policy can be None to use the default
  • Removed all the options except:
+ referrer_policy
+ session_cookie_secure
+ session_cookie_http_only
+ force_file_save
+ frame_options
  • Renamed the nosniff option
  • Added type defs


This is not an official Google or RDIL product, experimental or otherwise.

There is no silver bullet for web application security. Talisman can help, but security is more than just setting a few headers. Any public-facing web application should have a comprehensive approach to security.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for flask-talisman-rdil, version 0.9.8
Filename, size File type Python version Upload date Hashes
Filename, size flask_talisman_rdil-0.9.8-py3-none-any.whl (8.1 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size flask-talisman-rdil-0.9.8.tar.gz (3.1 kB) File type Source Python version None Upload date Hashes View

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page