diff options
Diffstat (limited to 'settings.py')
| -rw-r--r-- | settings.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/settings.py b/settings.py index 7f53835..218c27d 100644 --- a/settings.py +++ b/settings.py @@ -122,7 +122,7 @@ SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True # SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere? # CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL -X_FRAME_OPTIONS = 'SAMEORIGIN' # change to "DENY" after we eliminate all the iframes e.g. /xmlvalid.html +X_FRAME_OPTIONS = 'DENY' # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # from Django 3.2 |