diff options
author | Philip Sargent <philip.sargent@klebos.com> | 2021-05-04 14:17:07 +0100 |
---|---|---|
committer | Philip Sargent <philip.sargent@klebos.com> | 2021-05-04 14:17:07 +0100 |
commit | 1d9d96f467b6f544326b87e1112326b6162b3fe1 (patch) | |
tree | c1444fa1599204a1d0f312a6d2be8b93f5228f69 /settings.py | |
parent | 56c3517328e32e64d2f0e16f3bbe811e53896a85 (diff) | |
download | troggle-1d9d96f467b6f544326b87e1112326b6162b3fe1.tar.gz troggle-1d9d96f467b6f544326b87e1112326b6162b3fe1.tar.bz2 troggle-1d9d96f467b6f544326b87e1112326b6162b3fe1.zip |
IFRAMES chnaged to DENY
Diffstat (limited to 'settings.py')
-rw-r--r-- | settings.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/settings.py b/settings.py index 7f53835..218c27d 100644 --- a/settings.py +++ b/settings.py @@ -122,7 +122,7 @@ SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True # SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere? # CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL -X_FRAME_OPTIONS = 'SAMEORIGIN' # change to "DENY" after we eliminate all the iframes e.g. /xmlvalid.html +X_FRAME_OPTIONS = 'DENY' # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # from Django 3.2 |