zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-06 01:35:22 +02:00
Code Issues Projects Releases Packages Wiki Activity

Update src/registrar/config/settings.py

Browse source 
allowed_sources was not a tuple: https://django-csp.readthedocs.io/en/latest/configuration.html

Co-authored-by: Neil MartinsenBurrell <neil.martinsen-burrell@gsa.gov>
This commit is contained in:
zandercymatics 2023-08-15 07:26:34 -06:00 committed by GitHub
parent ea94831ab4
commit 94ab136058
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/registrar/config/settings.py
View file

@ -285,7 +285,7 @@ SERVER_EMAIL = "root@get.gov"
# Content-Security-Policy configuration
# this can be restrictive because we have few external scripts
allowed_sources = ("'self'")
allowed_sources = ("'self'",)
CSP_DEFAULT_SRC = allowed_sources
# Most things fall back to default-src, but these two do not and should be
# explicitly set