summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--settings.py17
1 files changed, 8 insertions, 9 deletions
diff --git a/settings.py b/settings.py
index 83ce1b3..2c843be 100644
--- a/settings.py
+++ b/settings.py
@@ -115,15 +115,14 @@ INSTALLED_APPS = (
)
MIDDLEWARE_CLASSES = (
- 'django.middleware.security.SecurityMiddleware',
- 'django.middleware.common.CommonMiddleware',
- 'django.contrib.sessions.middleware.SessionMiddleware',
- 'django.contrib.auth.middleware.AuthenticationMiddleware',
- 'django.middleware.csrf.CsrfViewMiddleware',
- 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
- 'django.contrib.messages.middleware.MessageMiddleware',
- 'django.middleware.clickjacking.XFrameOptionsMiddleware',
- 'troggle.middleware.SmartAppendSlashMiddleware'
+ 'django.middleware.security.SecurityMiddleware', # SECURE_SSL_REDIRECT and SECURE_SSL_HOST
+ 'django.contrib.sessions.middleware.SessionMiddleware', # Manages sessions across requests
+ 'django.middleware.common.CommonMiddleware', # DISALLOWED_USER_AGENTS, APPEND_SLASH and PREPEND_WWW
+ 'django.middleware.csrf.CsrfViewMiddleware', # Cross Site Request Forgeries by adding hidden form fields to POST
+ 'django.contrib.auth.middleware.AuthenticationMiddleware', # Adds the user attribute, representing the currently-logged-in user, to every incoming HttpRequest
+ 'django.contrib.messages.middleware.MessageMiddleware', # Cookie-based and session-based message support
+ 'django.middleware.clickjacking.XFrameOptionsMiddleware', # lickjacking protection via the X-Frame-Options header
+ 'troggle.middleware.SmartAppendSlashMiddleware' # Outdated & unneeded?
)
ROOT_URLCONF = 'troggle.urls'
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-08 22:50:25 +0000