Merge branch 'main' into nmb/content-fixtures

src/registrar/config/settings.py

@@ -48,6 +48,7 @@ env_db_url = env.dj_db_url("DATABASE_URL")
 env_debug = env.bool("DJANGO_DEBUG", default=False)
 env_log_level = env.str("DJANGO_LOG_LEVEL", "DEBUG")
 env_base_url = env.str("DJANGO_BASE_URL")
+env_getgov_public_site_url = env.str("GETGOV_PUBLIC_SITE_URL", "")
 
 secret_login_key = b64decode(secret("DJANGO_SECRET_LOGIN_KEY", ""))
 secret_key = secret("DJANGO_SECRET_KEY")
@@ -62,8 +63,6 @@ secret_registry_key = b64decode(secret("REGISTRY_KEY", ""))
 secret_registry_key_passphrase = secret("REGISTRY_KEY_PASSPHRASE", "")
 secret_registry_hostname = secret("REGISTRY_HOSTNAME")
 
-secret_getgov_public_site_url = secret("GETGOV_PUBLIC_SITE_URL", "")
-
 # region: Basic Django Config-----------------------------------------------###
 
 # Build paths inside the project like this: BASE_DIR / "subdir".
@@ -509,7 +508,7 @@ STATIC_URL = "public/"
 
 # Base URL of our separate static public website. Used by the
 # {% public_site_url subdir/path %} template tag
-GETGOV_PUBLIC_SITE_URL = secret_getgov_public_site_url
+GETGOV_PUBLIC_SITE_URL = env_getgov_public_site_url
 
 # endregion
 # region: Registry----------------------------------------------------------###

src/zap.conf

@@ -27,6 +27,8 @@
 10027	OUTOFSCOPE	http://app:8080/public/debug_toolbar/js/toolbar.js
 # USWDS.min.js contains suspicious words "query", "select", "from" in ordinary usage
 10027	OUTOFSCOPE	http://app:8080/public/js/uswds.min.js
+# UNCLEAR WHY THIS ONE IS FAILING. Giving 404 error.
+10027	OUTOFSCOPE	http://app:8080/public/js/uswds-init.min.js
 # get-gov.js contains suspicious word "from" as in `Array.from()`
 10027	OUTOFSCOPE	http://app:8080/public/js/get-gov.js
 10028	FAIL	(Open Redirect - Passive/beta)