From 7ed81278049d42dd4206235247346711e0e74fc5 Mon Sep 17 00:00:00 2001
From: Stephen Finucane
Date: Thu, 18 May 2017 21:23:59 +0100
Subject: [PATCH] settings: Enable 'XFrameOptionsMiddleware'
This provides basic click jacking protection. This was identified using 'manage.py check --deploy'.
Signed-off-by: Stephen Finucane
---
 patchwork/settings/base.py | 1 +
 1 file changed, 1 insertion(+)
diff --git a/patchwork/settings/base.py b/patchwork/settings/base.py
index 8776a5ed..fb6a7657 100644
--- a/patchwork/settings/base.py
+++ b/patchwork/settings/base.py
@@ -32,6 +32,7 @@ _MIDDLEWARE_CLASSES = [
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 if django.VERSION >= (1, 7):
-- 
2.47.3
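Review bot: The new `'django.middleware.clickjacking.XFrameOptionsMiddleware'` entry is not paired with an explicit `X_FRAME_OPTIONS` setting in this hunk, so the header value falls back to Django's default. On the Django releases this file still targets (the `django.VERSION >= (1, 7)` check just below), that default is `SAMEORIGIN`, which still allows same-origin framing. If no Patchwork page is meant to be framed at all, add `X_FRAME_OPTIONS = 'DENY'` to base.py; on Django versions that ship the deploy checks, `manage.py check --deploy` is likely to flag this next. A short comment beside the entry would also help, e.g. `# Sends X-Frame-Options on every response; exempt a view with @xframe_options_exempt only if it must be embedded`. The rest of base.py lies outside the hunk, so confirm the setting is not already defined elsewhere.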