flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

Add Referrer-Policy HTTP Header, #281

Browse Source
This commit is contained in:
Fabian Weisshaar 2019-03-05 11:58:46 +01:00
parent 5b930d07fc
commit 1732ace5a0
3 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
requirements.d/all.txt
View File

@ -3,6 +3,7 @@ dnspython
netaddr netaddr
django~=1.11.0 django~=1.11.0
django-bootstrap-form django-bootstrap-form
django-referrer-policy
django-registration-redux django-registration-redux
django-extensions django-extensions
social-auth-app-django social-auth-app-django

1
setup.py
View File

@ -33,6 +33,7 @@ setup(
'netaddr', 'netaddr',
'django>=1.11.0', 'django>=1.11.0',
'django-bootstrap-form', 'django-bootstrap-form',
'django-referrer-policy',
'django-registration-redux', 'django-registration-redux',
'django-extensions', 'django-extensions',
'social-auth-app-django', 'social-auth-app-django',

2
src/nsupdate/settings/base.py
View File

@ -167,6 +167,7 @@ MIDDLEWARE = (
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.locale.LocaleMiddleware', 'django.middleware.locale.LocaleMiddleware',
'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.csrf.CsrfViewMiddleware',
'django_referrer_policy.middleware.ReferrerPolicyMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware', 'django.contrib.messages.middleware.MessageMiddleware',
'social_django.middleware.SocialAuthExceptionMiddleware', 'social_django.middleware.SocialAuthExceptionMiddleware',
@ -275,6 +276,7 @@ LOGOUT_REDIRECT_URL = '/'
X_FRAME_OPTIONS = 'DENY' # for clickjacking middleware X_FRAME_OPTIONS = 'DENY' # for clickjacking middleware
SECURE_BROWSER_XSS_FILTER = True SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_CONTENT_TYPE_NOSNIFF = True
REFERRER_POLICY = 'same-origin'
CSRF_FAILURE_VIEW = 'nsupdate.main.views.csrf_failure_view' CSRF_FAILURE_VIEW = 'nsupdate.main.views.csrf_failure_view'