From 8a285743b134fe51d0c125ef70d45ef58d19e7a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20H=C3=A4ttasch?=
 <benjamin.haettasch@fachschaft.informatik.tu-darmstadt.de>
Date: Sat, 8 May 2021 16:44:28 +0200
Subject: [PATCH] Allow to include the AKWall as frame into any page

Set content security policy for frame-ancestors to "*" for this view
---
 AKPlan/urls.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/AKPlan/urls.py b/AKPlan/urls.py
index d45f64c7..9f78fdda 100644
--- a/AKPlan/urls.py
+++ b/AKPlan/urls.py
@@ -1,4 +1,6 @@
+from csp.decorators import csp_replace
 from django.urls import path, include
+
 from . import views
 
 app_name = "plan"
@@ -8,7 +10,7 @@ urlpatterns = [
         '<slug:event_slug>/plan/',
         include([
             path('', views.PlanIndexView.as_view(), name='plan_overview'),
-            path('wall/', views.PlanScreenView.as_view(), name='plan_wall'),
+            path('wall/', csp_replace(FRAME_ANCESTORS="*")(views.PlanScreenView.as_view()), name='plan_wall'),
             path('room/<int:pk>/', views.PlanRoomView.as_view(), name='plan_room'),
             path('track/<int:pk>/', views.PlanTrackView.as_view(), name='plan_track'),
         ])
-- 
GitLab