Add some extra security headers
This commit is contained in:
parent
309955a052
commit
ccc9e24e77
1 changed files with 10 additions and 0 deletions
|
@ -226,3 +226,13 @@ REST_FRAMEWORK = {
|
||||||
"rest_framework.authentication.SessionAuthentication",
|
"rest_framework.authentication.SessionAuthentication",
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
SECURE_BROWSER_XSS_FILTER = True
|
||||||
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
|
X_FRAME_OPTIONS = "DENY"
|
||||||
|
SECURE_REFERRER_POLICY = "same-origin"
|
||||||
|
|
||||||
|
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
||||||
|
|
||||||
|
if not DEBUG:
|
||||||
|
SECURE_HSTS_SECONDS = 86400 # 1 day
|
||||||
|
|
Loading…
Reference in a new issue