From 7736df17ead4aeba7ef64688fa5a155341b1c769 Mon Sep 17 00:00:00 2001
From: LongHairedHacker
Date: Sat, 20 May 2017 14:34:16 +0200
Subject: [PATCH] Be less paranoid when DEBUG is enabled
---
gulaschromstore/settings.py | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/gulaschromstore/settings.py b/gulaschromstore/settings.py
index a09fc3a..a05db19 100644
--- a/gulaschromstore/settings.py
+++ b/gulaschromstore/settings.py
@@ -144,10 +144,11 @@ LOGIN_REDIRECT_URL = '/'
 TAGGIT_CASE_INSENSITIVE = True
-# Some security settings
-SESSION_COOKIE_SECURE = True
-CSRF_COOKIE_SECURE = True
-CSRF_COOKIE_HTTPONLY = True
-X_FRAME_OPTIONS = 'DENY'
-SECURE_CONTENT_TYPE_NOSNIFF = True
-SECURE_BROWSER_XSS_FILTER = True
+# Some security settings only active in production
+if not DEBUG:
+ SESSION_COOKIE_SECURE = True
+ CSRF_COOKIE_SECURE = True
+ CSRF_COOKIE_HTTPONLY = True
+ X_FRAME_OPTIONS = 'DENY'
+ SECURE_CONTENT_TYPE_NOSNIFF = True
+ SECURE_BROWSER_XSS_FILTER = True
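Review bot: The new `if not DEBUG:` block gates all six settings, but only `SESSION_COOKIE_SECURE` and `CSRF_COOKIE_SECURE` depend on HTTPS; `CSRF_COOKIE_HTTPONLY`, `X_FRAME_OPTIONS`, `SECURE_CONTENT_TYPE_NOSNIFF` and `SECURE_BROWSER_XSS_FILTER` behave the same over plain HTTP. Gating them means development no longer exercises the production header and cookie behaviour, and a deployment left with DEBUG enabled loses every one of these protections at once rather than just the two cookie flags. I would keep those four settings unconditional at module level and write the HTTPS-dependent pair as `SESSION_COOKIE_SECURE = not DEBUG` and `CSRF_COOKIE_SECURE = not DEBUG`. Where DEBUG is assigned is outside this hunk, so it is worth confirming that it resolves to False when the deployment does not set it.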