diff options
| author | Philip Sargent <philip.sargent@klebos.com> | 2022-10-26 00:20:47 +0100 |
|---|---|---|
| committer | Philip Sargent <philip.sargent@klebos.com> | 2022-10-26 00:20:47 +0100 |
| commit | d9ed90b729161dd17cc91b04e703a5373b4dcb0d (patch) | |
| tree | 5b6689421aa879376f88bcfbbbfe1778560c5711 /security-warnings.txt | |
| parent | d82c521f4fc7fb1a14f82a243956c17ecfb395ba (diff) | |
| download | troggle-d9ed90b729161dd17cc91b04e703a5373b4dcb0d.tar.gz troggle-d9ed90b729161dd17cc91b04e703a5373b4dcb0d.tar.bz2 troggle-d9ed90b729161dd17cc91b04e703a5373b4dcb0d.zip | |
update for old PC settings
Diffstat (limited to 'security-warnings.txt')
| -rw-r--r-- | security-warnings.txt | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security-warnings.txt b/security-warnings.txt index 236f7c9..11f4f2c 100644 --- a/security-warnings.txt +++ b/security-warnings.txt @@ -1,10 +1,9 @@ System check identified some issues: WARNINGS: -?: (admin.W411) 'django.template.context_processors.request' must be enabled in DjangoTemplates (TEMPLATES) in order to use the admin navigation sidebar. ?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT settings will have no effect. ?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions. ?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token. ?: (security.W018) You should not have DEBUG set to True in deployment. -System check identified 5 issues (0 silenced). +System check identified 4 issues (0 silenced). |