Tobias Bengfort
Tobias Bengfort
Thanks for the feedback. I see two possible solutions: - Add the `dismissable` parameter that is available on [bootstrap_alert](https://django-bootstrap4.readthedocs.io/en/latest/templatetags.html#bootstrap-alert) to more template tags, e.g. `form_errors` and `form`. - Tell people...
Just adding this to your settings should do most of the work: ``` BOOTSTRAP4 = { 'css_url': 'https://cdn.rtlcss.com/bootstrap/v4.0.0/css/bootstrap.min.css', } ```
I don't think this is possible. Sass can only express units with whole exponents, e.g. `1em * 1em / 5px`. There is no way to express `sqrt(2em)`, `log(2em)` or `pow(2em,...
> btw wrong Result of cos(180)*100 must return -100 but it is returns "74.69988" ??!!! If no unit is provided, `rad` is assumed. `cos(180deg)*100` should do the trick.
No, `/wiki/` definitely does not need to be added to the basedir setting because it does not exist. This path should either be an absolute path that actually exists (e.g....
So what CSP do we want? Please add to this list of requirements: - I would propose to use `default-src 'self'` as a baseline. We could also do `default-src 'none'`...
A note on development setup: There is also the `Content-Security-Policy-Report-Only` header that reports violations but does not stop them.
> AFAIK CSP has an option to prevent clickjacking, too. We might also take this into account. The trouble is that we explicitly *want* clickjacking (aka embedding).
I guess this is related to #172
I worked on the height in 4198eaf but we could not agree on a solution yet.