From 7e63e9e4605b07924b327173cd3aa38996c2afc6 Mon Sep 17 00:00:00 2001
From: Manuel Raynaud <manu@raynaud.io>
Date: Mon, 30 Jun 2025 14:46:01 +0200
Subject: [PATCH] =?UTF-8?q?=E2=99=BB=EF=B8=8F(back)=20exclude=20/admin=20f?=
 =?UTF-8?q?rom=20CSP=20rules?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We have to exclude the /admin prefix to allow loading static files when
the django admin is used.
---
 src/backend/impress/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/backend/impress/settings.py b/src/backend/impress/settings.py
index 6e007fbc..e306ddf3 100755
--- a/src/backend/impress/settings.py
+++ b/src/backend/impress/settings.py
@@ -730,7 +730,7 @@ class Base(Configuration):
     # See https://content-security-policy.com/ for more information.
     CONTENT_SECURITY_POLICY = {
         "EXCLUDE_URL_PREFIXES": values.ListValue(
-            [],
+            ["/admin"],
             environ_name="CONTENT_SECURITY_POLICY_EXCLUDE_URL_PREFIXES",
             environ_prefix=None,
         ),