8000 Add HTTPS options on production · python-doc-tw/pydoc_autobuild@f815f97 · GitHub
[go: up one dir, main page]
Skip to content

Commit f815f97

Browse files
ccwang002ccwang002
committed
Add HTTPS options on production
1 parent 5c0cabe commit f815f97

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

pydoc_autobuild/settings/production.py

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,18 @@
3535
# Increase default timeout time
3636
Q_CLUSTER['timeout'] = 3600
3737

38+
39+
# Securiy related settings
40+
SECURE_HSTS_SECONDS = 2592000
41+
SECURE_BROWSER_XSS_FILTER = True
42+
SECURE_CONTENT_TYPE_NOSNIFF=True
43+
SESSION_COOKIE_SECURE = True
44+
CSRF_COOKIE_SECURE = True
45+
CSRF_COOKIE_HTTPONLY = True
46+
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
47+
X_FRAME_OPTIONS = 'DENY'
48+
49+
3850
# Log everything to the logs directory at the top
3951
LOGFILE_ROOT = join(BASE_DIR, 'logs')
4052

0 commit comments

Comments
 (0)
0