Be less paranoid when DEBUG is enabled

Sebastian 2017-05-20 14:34:16 +02:00
parent b7ace57996
commit 7736df17ea
1 changed files with 8 additions and 7 deletions


@ -144,10 +144,11 @@ LOGIN_REDIRECT_URL = '/'
TAGGIT_CASE_INSENSITIVE = True TAGGIT_CASE_INSENSITIVE = True
# Some security settings # Some security settings only active in production
SESSION_COOKIE_SECURE = True if not DEBUG:
CSRF_COOKIE_SECURE = True SESSION_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True CSRF_COOKIE_SECURE = True
X_FRAME_OPTIONS = 'DENY' CSRF_COOKIE_HTTPONLY = True
SECURE_CONTENT_TYPE_NOSNIFF = True X_FRAME_OPTIONS = 'DENY'
SECURE_BROWSER_XSS_FILTER = True SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True
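Review bot: The new `if not DEBUG:` appears to gate all six settings (indentation is lost in this rendering, so that is inferred from the comment "only active in production"), but only `SESSION_COOKIE_SECURE` and `CSRF_COOKIE_SECURE` depend on HTTPS and would break a plain-HTTP development server. `CSRF_COOKIE_HTTPONLY`, `X_FRAME_OPTIONS`, `SECURE_CONTENT_TYPE_NOSNIFF` and `SECURE_BROWSER_XSS_FILTER` work without TLS, so switching them off in development means framing or cookie-access problems first surface in production. It also means a deployment that accidentally runs with DEBUG enabled silently loses every one of these protections. I would keep those four unconditional and tie only the two cookie flags to the mode: `SESSION_COOKIE_SECURE = not DEBUG` and `CSRF_COOKIE_SECURE = not DEBUG`.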