zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-06 01:35:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

Minor cleanup

Browse source
This commit is contained in:
zandercymatics 2023-08-14 10:17:29 -06:00
parent 5f6a7cd044
commit 17ac251c36
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
2 changed files with 3 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/registrar/config/settings.py
View file

@ -285,12 +285,12 @@ SERVER_EMAIL = "root@get.gov"
# Content-Security-Policy configuration
# this can be restrictive because we have few external scripts
allowed_sources = ("'self'", "https://idp.int.identitysandbox.gov", "https://idp.int.identitysandbox.gov/openid_connect/logout")
allowed_sources = ("'self'")
CSP_DEFAULT_SRC = allowed_sources
# Most things fall back to default-src, but these two do not and should be
# explicitly set
CSP_FRAME_ANCESTORS = allowed_sources
CSP_FORM_ACTION = allowed_sources
CSP_FORM_ACTION = ("'self'", "https://idp.int.identitysandbox.gov/openid_connect/logout")
# Content-Length header is set by django.middleware.common.CommonMiddleware

7
src/registrar/config/urls.py
View file

@ -47,7 +47,7 @@ urlpatterns = [
path("", views.index, name="home"),
path(
"admin/logout/",
RedirectView.as_view(url="/openid/logout", permanent=False),
RedirectView.as_view(pattern_name="logout", permanent=False),
),
path("admin/", admin.site.urls),
path(
@ -125,11 +125,6 @@ if not settings.DEBUG:
path(
"admin/login/", RedirectView.as_view(pattern_name="login", permanent=False)
),
# redirect to login.gov
path(
"admin/logout/",
RedirectView.as_view(pattern_name="logout", permanent=False),
),
]
# we normally would guard these with `if settings.DEBUG` but tests run with