mirror of
https://github.com/DarrenOfficial/dpaste.git
synced 2024-11-15 16:12:51 +11:00
Clickjacking middleware
This commit is contained in:
parent
30dd414a0f
commit
49edeecca0
2 changed files with 5 additions and 1 deletions
|
@ -89,7 +89,7 @@ MIDDLEWARE_CLASSES = (
|
||||||
'dpaste.disable.DisableCSRF',
|
'dpaste.disable.DisableCSRF',
|
||||||
'django.middleware.common.CommonMiddleware',
|
'django.middleware.common.CommonMiddleware',
|
||||||
'django.contrib.sessions.middleware.SessionMiddleware',
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
||||||
#'django.contrib.messages.middleware.MessageMiddleware',
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||||
)
|
)
|
||||||
|
|
||||||
TEMPLATE_CONTEXT_PROCESSORS += (
|
TEMPLATE_CONTEXT_PROCESSORS += (
|
||||||
|
|
|
@ -24,6 +24,8 @@ server {
|
||||||
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_de_unified.crt;
|
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_de_unified.crt;
|
||||||
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_de.key;
|
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_de.key;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security max-age=31536000;
|
||||||
|
|
||||||
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -34,5 +36,7 @@ server {
|
||||||
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_org_unified.crt;
|
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_org_unified.crt;
|
||||||
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_org.key;
|
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_org.key;
|
||||||
|
|
||||||
|
add_header Strict-Transport-Security max-age=31536000;
|
||||||
|
|
||||||
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
include /srv/dpaste.de/src/dpaste/server/nginx_server.conf;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue