DRS docs break with CSP that blocks inline scripts

[groovecoder]

(See mozilla-services/push-dev-dashboard#181 for my context)

In my settings.py, I have:

...
ROOT_URLCONF = 'dashboard.urls'
...
INSTALLED_APPS = [
    ...
    'rest_framework',
    'rest_framework_swagger',
    ...
]
...

In my dashboard.urls I have:

urlpatterns = [
    ...
    url(r'^api/docs/', include('rest_framework_swagger.urls')),
    url(r'^api/v1/', include('api.urls')),
    ...
]

urlpatterns += i18n_patterns(
    # our app urls
    url(r'^$', dashboard_views.Home.as_view(), name='home'),
    url(r'^push/', include('push.urls')),
    url(r'^accounts/login/$', dashboard_views.Login.as_view(), name='login'),
)

And in my api.urls I have:

...
router = routers.DefaultRouter()
router.register(r'domains', DomainAuthorizationViewSet)
router.register(r'push-apps', PushApplicationViewSet)

urlpatterns = [
    url(r'^', include(router.urls))
]

But, when I go to my /api/docs/ url I don't see any of the endpoints registered in api.urls?

And I can't tell where the "example.com" value is coming from? My site domain name and display name are both "127.0.0.1:8000".

[groovecoder]

I at least found the source of my problem ...

I'm using CSP to prevent inline scripts, and the django-rest-swagger app uses inline scripting to show api endpoints.

[groovecoder]

Starting a fix branch here: https://github.com/groovecoder/django-rest-swagger/tree/remove-inlines-434

So far I've removed the inline <script> tags, but I still need to remove the inline styling.

[groovecoder]

I'm trying to fix the last of the JS to work without inline <script> tags. How do I generate swagger-ui.min.js?

[marcgibbons]

Inline scripts have been removed in #470