Using SecureASGIMiddleware with Secure.with_default_headers() on a FastAPI app breaks /docs and /redoc: the BALANCED CSP blocks the CDN-hosted JS/CSS and inline styles those pages rely on.
Is there an existing solution I missed, or would it make sense to add something like a Secure.allow_fastapi_docs() method?
Using
SecureASGIMiddlewarewithSecure.with_default_headers()on a FastAPI app breaks/docsand/redoc: the BALANCED CSP blocks the CDN-hosted JS/CSS and inline styles those pages rely on.Is there an existing solution I missed, or would it make sense to add something like a
Secure.allow_fastapi_docs()method?