Skip to content

DEBUG CSP_SCRIPT_SRC should be generated using REAL_ALLOWED_HOSTS

Currently CSP_SCRIPT_SRC is hardcoded for DEBUG and if one where to add other hosts, when for example runnint a local instance over his local network he would need to add it do CSP_SCRIPT_SRC manually (see /backend/backend/settings.py#L58). This should be done like it's done if not running in DEBUG /backend/backend/settings.py#L60.

At least this is my opinion as I usually test on multiple devices over my local network.

Edited by Jason Zibung