You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our site requires a Content Security Policy and uses django-csp to implement this. One restriction is that inline scripts must have a nonce. Since this library makes use of an inline script to wire up JSONEditor to the form fields in the Widget, we are unable to use the library as is.
What I Did
Since request is not available to the context of a Widget, my first attempt to fix was by extending the provided Widget and adding nonce to a custom template. Ultimately, I was able to work around by providing a separate script that lives at the page level. I'll be happy to put together a PR to fix if interested in this more generally.
The text was updated successfully, but these errors were encountered:
Description
Our site requires a Content Security Policy and uses django-csp to implement this. One restriction is that inline scripts must have a nonce. Since this library makes use of an inline script to wire up
JSONEditor
to the form fields in the Widget, we are unable to use the library as is.What I Did
Since
request
is not available to the context of a Widget, my first attempt to fix was by extending the provided Widget and adding nonce to a custom template. Ultimately, I was able to work around by providing a separate script that lives at the page level. I'll be happy to put together a PR to fix if interested in this more generally.The text was updated successfully, but these errors were encountered: