]> git.ipfire.org Git - thirdparty/patchwork.git/commitdiff
projects / thirdparty / patchwork.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 932abc2)
settings: Enable 'XFrameOptionsMiddleware'
authorStephen Finucane <stephen@that.guru>
Thu, 18 May 2017 20:23:59 +0000 (21:23 +0100)
committerStephen Finucane <stephen@that.guru>
Thu, 18 May 2017 20:24:15 +0000 (21:24 +0100)
This provides basic click jacking protection. This was identified using
'manage.py check --deploy'.

Signed-off-by: Stephen Finucane <stephen@that.guru>
patchwork/settings/base.py patch | blob | blame | history

diff --git a/patchwork/settings/base.py b/patchwork/settings/base.py
index 8776a5edcee0335e9f9dbb274fb18bae8f6419a9..fb6a76574c4942a78e58842f240daee0ab8cedf7 100644 (file)
--- a/patchwork/settings/base.py
+++ b/patchwork/settings/base.py
@@ -32,6 +32,7 @@ _MIDDLEWARE_CLASSES = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
 if django.VERSION >= (1, 7):
Mirror of https://github.com/getpatchwork/patchwork.git