From 8a285743b134fe51d0c125ef70d45ef58d19e7a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20H=C3=A4ttasch?= <benjamin.haettasch@fachschaft.informatik.tu-darmstadt.de> Date: Sat, 8 May 2021 16:44:28 +0200 Subject: [PATCH] Allow to include the AKWall as frame into any page Set content security policy for frame-ancestors to "*" for this view --- AKPlan/urls.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/AKPlan/urls.py b/AKPlan/urls.py index d45f64c7..9f78fdda 100644 --- a/AKPlan/urls.py +++ b/AKPlan/urls.py @@ -1,4 +1,6 @@ +from csp.decorators import csp_replace from django.urls import path, include + from . import views app_name = "plan" @@ -8,7 +10,7 @@ urlpatterns = [ '<slug:event_slug>/plan/', include([ path('', views.PlanIndexView.as_view(), name='plan_overview'), - path('wall/', views.PlanScreenView.as_view(), name='plan_wall'), + path('wall/', csp_replace(FRAME_ANCESTORS="*")(views.PlanScreenView.as_view()), name='plan_wall'), path('room/<int:pk>/', views.PlanRoomView.as_view(), name='plan_room'), path('track/<int:pk>/', views.PlanTrackView.as_view(), name='plan_track'), ]) -- GitLab