From 68ff51c26da47a009be1e8868c38b36244ff54c4 Mon Sep 17 00:00:00 2001
From: Georg Krause <mail@georg-krause.net>
Date: Wed, 16 Mar 2022 10:36:54 +0100
Subject: [PATCH] Enable debug and allow remote connect-src

---
 .env.dev              | 1 +
 docker/nginx/conf.dev | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.env.dev b/.env.dev
index 9ce8dede0..9824a8638 100644
--- a/.env.dev
+++ b/.env.dev
@@ -19,3 +19,4 @@ STATIC_URL=http://localhost:8000/staticfiles/
 
 # Customize to your needs
 POSTGRES_VERSION=11
+DEBUG=true
diff --git a/docker/nginx/conf.dev b/docker/nginx/conf.dev
index 11c0b1307..96d8be7e0 100644
--- a/docker/nginx/conf.dev
+++ b/docker/nginx/conf.dev
@@ -69,7 +69,7 @@ http {
             text/x-component
             text/x-cross-domain-policy;
 
-        add_header Content-Security-Policy "default-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval';  style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
+        add_header Content-Security-Policy "default-src 'self' 'unsafe-eval'; connect-src 'self' 'unsafe-eval' *;  style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:";
         add_header Referrer-Policy "strict-origin-when-cross-origin";
         add_header X-Frame-Options "SAMEORIGIN" always;