archive/theorangeone.net-legacy
Archived
1
Fork 0
Code Releases Packages Activity

only harden when not debug

Browse source
This commit is contained in:
Jake Howard 2016-11-27 21:53:02 +00:00
parent cb109219f0
commit 5bf5900367
Signed by: jake
GPG key ID: 57AFB45680EDD477
1 changed files with 10 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
project/settings.py
View file

@ -13,15 +13,17 @@ SECRET_KEY = os.environ['SECRET_KEY']
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
SESSION_COOKIE_SECURE = True if not DEBUG:
CSRF_COOKIE_SECURE = True print("NOT DEBUG!")
CSRF_COOKIE_HTTPONLY = True SESSION_COOKIE_SECURE = True
MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880 CSRF_COOKIE_SECURE = True
SECURE_CONTENT_TYPE_NOSNIFF = True CSRF_COOKIE_HTTPONLY = True
SECURE_BROWSER_XSS_FILTER = True SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_SSL_REDIRECT = True SECURE_BROWSER_XSS_FILTER = True
X_FRAME_OPTIONS = 'DENY' SECURE_SSL_REDIRECT = True
X_FRAME_OPTIONS = 'DENY'
MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880
# Application definition # Application definition