diff options
Diffstat (limited to 'settings.py')
| -rw-r--r-- | settings.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/settings.py b/settings.py index 545cf1f..df5268e 100644 --- a/settings.py +++ b/settings.py @@ -109,7 +109,7 @@ SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2" LOGIN_REDIRECT_URL = '/' SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True -#SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel +#SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere? CSRF_COOKIE_SECURE = True X_FRAME_OPTIONS = 'SAMEORIGIN' # change to "DENY" after we eliminate all the iframes e.g. /xmlvalid.html |