diff options
Diffstat (limited to 'example_project')
| -rw-r--r-- | example_project/settings.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/example_project/settings.py b/example_project/settings.py index cd0d51557..0aafbdf90 100644 --- a/example_project/settings.py +++ b/example_project/settings.py @@ -447,14 +447,16 @@ if SENTRY_ID and sentry_sdk: if ISHTAR_SECURE_OPTIONS: # verify https is ok before activating - SESSION_COOKIE_SECURE = True MIDDLEWARE += [ "django.middleware.security.SecurityMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] SECURE_HSTS_SECONDS = 31536000 + SECURE_HSTS_PRELOAD = True + SECURE_HSTS_INCLUDE_SUBDOMAINS = True SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_BROWSER_XSS_FILTER = True SECURE_SSL_REDIRECT = True + SESSION_COOKIE_SECURE = True CSRF_COOKIE_SECURE = True X_FRAME_OPTIONS = "DENY" |