From 5bf59003675645756f44b62d8c1e700e9438e977 Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Sun, 27 Nov 2016 21:53:02 +0000
Subject: [PATCH] only harden when not debug

---
 project/settings.py | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/project/settings.py b/project/settings.py
index 479ca22..e1db24b 100755
--- a/project/settings.py
+++ b/project/settings.py
@@ -13,15 +13,17 @@ SECRET_KEY = os.environ['SECRET_KEY']
 
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
 
-SESSION_COOKIE_SECURE = True
-CSRF_COOKIE_SECURE = True
-CSRF_COOKIE_HTTPONLY = True
-MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880
-SECURE_CONTENT_TYPE_NOSNIFF = True
-SECURE_BROWSER_XSS_FILTER = True
-SECURE_SSL_REDIRECT = True
-X_FRAME_OPTIONS = 'DENY'
+if not DEBUG:
+    print("NOT DEBUG!")
+    SESSION_COOKIE_SECURE = True
+    CSRF_COOKIE_SECURE = True
+    CSRF_COOKIE_HTTPONLY = True
+    SECURE_CONTENT_TYPE_NOSNIFF = True
+    SECURE_BROWSER_XSS_FILTER = True
+    SECURE_SSL_REDIRECT = True
 
+X_FRAME_OPTIONS = 'DENY'
+MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880
 
 
 # Application definition