Be less paranoid when DEBUG is enabled
This commit is contained in:
parent
b7ace57996
commit
7736df17ea
|
@ -144,10 +144,11 @@ LOGIN_REDIRECT_URL = '/'
|
||||||
|
|
||||||
TAGGIT_CASE_INSENSITIVE = True
|
TAGGIT_CASE_INSENSITIVE = True
|
||||||
|
|
||||||
# Some security settings
|
# Some security settings only active in production
|
||||||
SESSION_COOKIE_SECURE = True
|
if not DEBUG:
|
||||||
CSRF_COOKIE_SECURE = True
|
SESSION_COOKIE_SECURE = True
|
||||||
CSRF_COOKIE_HTTPONLY = True
|
CSRF_COOKIE_SECURE = True
|
||||||
X_FRAME_OPTIONS = 'DENY'
|
CSRF_COOKIE_HTTPONLY = True
|
||||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
X_FRAME_OPTIONS = 'DENY'
|
||||||
SECURE_BROWSER_XSS_FILTER = True
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
|
SECURE_BROWSER_XSS_FILTER = True
|
||||||
|
|
Loading…
Reference in New Issue