#36549: OpenLayersWidget needs custom CSP rules when CSP is enabled
---------------------------------+------------------------------------
Reporter: Natalia Bidart | Owner: (none)
Type: Bug | Status: new
Component: GIS | Version: dev
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Changes (by Sarah Boyce):
* cc: Rob Hudson, Claude Paroz (added)
* stage: Unreviewed => Accepted
* summary: OpenLayersWidget needs csutom CSP rules when CSP is enabled =>
OpenLayersWidget needs custom CSP rules when CSP is enabled
Comment:
I think adding an admonition to
[https://docs.djangoproject.com/en/5.2/ref/contrib/gis/forms-
api/#django.contrib.gis.forms.widgets.OpenLayersWidget OpenLayersWidget]
would be nice
As an idea, we could try to implement a system check between asserts
defined in `Media` and the `SECURITY_CSP` setting (but might not be
feasible and would class as an enhancement not needed for 6.0). The nice
thing would be that it should be clear when things are incompatible
without us having to document specific cases.
--
Ticket URL: <https://code.djangoproject.com/ticket/36549#comment:2>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To view this discussion visit
https://groups.google.com/d/msgid/django-updates/01070198a8aa06a6-a6c6bf40-dc85-43c5-8fed-b377e2dbf906-000000%40eu-central-1.amazonses.com.
