mirror of
https://github.com/DarrenOfficial/dpaste.git
synced 2024-12-19 00:09:21 +11:00
Clickjacking middleware
This commit is contained in:
parent
30dd414a0f
commit
49edeecca0
2 changed files with 5 additions and 1 deletions
|
@ -89,7 +89,7 @@ MIDDLEWARE_CLASSES = (
|
|||
'dpaste.disable.DisableCSRF',
|
||||
'django.middleware.common.CommonMiddleware',
|
||||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||
#'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
)
|
||||
|
||||
TEMPLATE_CONTEXT_PROCESSORS += (
|
||||
|
|
|
@ -24,6 +24,8 @@ server {
|
|||
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_de_unified.crt;
|
||||
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_de.key;
|
||||
|
||||
add_header Strict-Transport-Security max-age=31536000;
|
||||
|
||||
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
||||
}
|
||||
|
||||
|
@ -34,5 +36,7 @@ server {
|
|||
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_org_unified.crt;
|
||||
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_org.key;
|
||||
|
||||
add_header Strict-Transport-Security max-age=31536000;
|
||||
|
||||
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue