DONOTMERGE: change CSP for local development

ministryofjustice · Nov 29, 2024 · 0c466df · 0c466df
1 parent 5db9c28
commit 0c466df
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
@@ -16,7 +16,8 @@
                     "https://www.googletagmanager.com"
   policy.connect_src :self,
                      GOOGLE_ANALYTICS_DOMAIN,
-                     "https://*.justice.gov.uk"
+                     "https://*.justice.gov.uk",
+                     "http://127.0.0.1:3000"
 end
 Rails.application.config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
 Rails.application.config.content_security_policy_nonce_directives = %w[script-src]