If you have django-csp installed and configured, we run a sanity check to make sure Persona is allowed by your content security policy. However, when we check CSP_DEFAULT_SRC, we use None as the fallback value if it's not defined, and then use in to check it as an iterable. Thus, if CSP_DEFAULT_SRC is undefined, a TypeError is raised.
If you have django-csp installed and configured, we run a sanity check to make sure Persona is allowed by your content security policy. However, when we check CSP_DEFAULT_SRC, we use
None
as the fallback value if it's not defined, and then usein
to check it as an iterable. Thus, if CSP_DEFAULT_SRC is undefined, a TypeError is raised.