Now that the django admin supports the Content-Security-Policy header I
think merging django-csp into contrib would be a good fix for
https://code.djangoproject.com/ticket/15727
It might also be an idea to wait for Mozilla to also respond to the
proposal of this merger.
See my PR here: https:
Yeah this makes a lot more sense in SecurityMiddleware
On Sunday, 6 December 2015 10:01:54 UTC, Florian Apolloner wrote:
>
>
>
> On Sunday, December 6, 2015 at 10:13:46 AM UTC+1, Aymeric Augustin wrote:
>>
>> I understand that the “just merge django-csp” approach minimizes effort.
>> However the
gt;>
>>> Would it be OK if someone else were to pick up this ticket and move it
>>> forward?
>>>
>>> Robert Roskam
>>>
>>> On Sunday, December 6, 2015 at 11:22:20 AM UTC-5, Thomas Grainger wrote:
>>>>
>>>>
