mirror of
https://github.com/DarrenOfficial/dpaste.git
synced 2024-11-23 11:56:36 +11:00
CSP Settings
This commit is contained in:
parent
faf8874f50
commit
8582114b90
1 changed files with 11 additions and 7 deletions
|
@ -98,13 +98,6 @@ MIDDLEWARE_CLASSES = [
|
||||||
'csp.middleware.CSPMiddleware',
|
'csp.middleware.CSPMiddleware',
|
||||||
]
|
]
|
||||||
|
|
||||||
SESSION_COOKIE_SECURE = True
|
|
||||||
CSRF_COOKIE_SECURE = True
|
|
||||||
|
|
||||||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
|
||||||
SECURE_BROWSER_XSS_FILTER =True
|
|
||||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
|
||||||
|
|
||||||
TEMPLATES = [
|
TEMPLATES = [
|
||||||
{
|
{
|
||||||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||||||
|
@ -143,6 +136,17 @@ DATABASES = {
|
||||||
# stored in the user session.
|
# stored in the user session.
|
||||||
MAX_SNIPPETS_PER_USER = 25
|
MAX_SNIPPETS_PER_USER = 25
|
||||||
|
|
||||||
|
SESSION_COOKIE_SECURE = True
|
||||||
|
CSRF_COOKIE_SECURE = True
|
||||||
|
|
||||||
|
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||||
|
SECURE_BROWSER_XSS_FILTER =True
|
||||||
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
|
|
||||||
|
CSP_DEFAULT_SRC = ("'none'",)
|
||||||
|
CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
|
||||||
|
CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")
|
||||||
|
|
||||||
LOGGING = {
|
LOGGING = {
|
||||||
'version': 1,
|
'version': 1,
|
||||||
'disable_existing_loggers': False,
|
'disable_existing_loggers': False,
|
||||||
|
|
Loading…
Reference in a new issue