only harden when not debug
This commit is contained in:
parent
cb109219f0
commit
5bf5900367
GPG key ID:
57AFB45680EDD477
1 changed files with 10 additions and 8 deletions
|
|
@ -13,15 +13,17 @@ SECRET_KEY = os.environ['SECRET_KEY']
|
|||
|
||||
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
|
||||
|
||||
if not DEBUG:
|
||||
print("NOT DEBUG!")
|
||||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_HTTPONLY = True
|
||||
MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
SECURE_SSL_REDIRECT = True
|
||||
X_FRAME_OPTIONS = 'DENY'
|
||||
|
||||
X_FRAME_OPTIONS = 'DENY'
|
||||
MAX_UPLOAD_SIZE = 5242880 # 5MB - 5242880
|
||||
|
||||
|
||||
# Application definition
|
||||
|
|
|
|||
Reference in a new issue