diff --git a/.DS_Store b/.DS_Store
index c5e8094..4a75b98 100644
Binary files a/.DS_Store and b/.DS_Store differ
diff --git a/docker-compose.yml b/docker-compose.yml
index f11f3af..dec4499 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,7 +6,7 @@ services:
     image: alpine:latest
     container_name: geofeed-git-sync
     environment:
-      GIT_REPO: ${GIT_REPO:-https://git.prpl.tools/PurpleComputing/geofeed-manager.git}
+      GIT_REPO: ${GIT_REPO:-https://git.prpl.tools/PurpleComputing/ip-manager.git}
       GIT_BRANCH: ${GIT_BRANCH:-main}
     volumes:
       - webapp_code:/app
@@ -73,7 +73,9 @@ services:
       # IP Registry API for IP enrichment
       IPREGISTRY_API_KEY: ${IPREGISTRY_API_KEY:-}
     volumes:
-      - webapp_code:/app:ro
+      # Use local webapp folder for development (comment out for production)
+      - ./webapp:/app:ro
+      # - webapp_code:/app:ro
     depends_on:
       mariadb:
         condition: service_healthy
diff --git a/webapp/includes/app.js b/webapp/includes/app.js
index 514ea5c..d92e3e8 100644
--- a/webapp/includes/app.js
+++ b/webapp/includes/app.js
@@ -6,7 +6,6 @@ let deleteEntryId = null;
 let selectedFile = null;
 let clientLogos = {};
 let auditPage = 1;
-const csrfToken = '<?php echo generateCSRFToken(); ?>';
 
 // Initialize
 document.addEventListener('DOMContentLoaded', () => {
@@ -120,7 +119,7 @@ async function api(action, params = {}, method = 'GET', body = null) {
     const options = { method };
     if (body) {
         options.headers = { 'Content-Type': 'application/json' };
-        options.body = JSON.stringify({ ...body, csrf_token: csrfToken });
+        options.body = JSON.stringify({ ...body, csrf_token: (typeof CSRF_TOKEN !== 'undefined' ? CSRF_TOKEN : '') });
     }
 
     const response = await fetch(url, options);