Be less paranoid when DEBUG is enabled
This commit is contained in:
parent
b7ace57996
commit
7736df17ea
|
@ -144,10 +144,11 @@ LOGIN_REDIRECT_URL = '/'
|
|||
|
||||
TAGGIT_CASE_INSENSITIVE = True
|
||||
|
||||
# Some security settings
|
||||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_HTTPONLY = True
|
||||
X_FRAME_OPTIONS = 'DENY'
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
# Some security settings only active in production
|
||||
if not DEBUG:
|
||||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_HTTPONLY = True
|
||||
X_FRAME_OPTIONS = 'DENY'
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
|
|
Loading…
Reference in New Issue