cookiecutter/cookiecutter-django
1
1
Fork 0
mirror of https://github.com/cookiecutter/cookiecutter-django.git synced 2025-01-26 09:14:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix(security/dj-secure): add missing middleware of django-secure

Browse Source 
- For the working of django-secure the middleware class needs
to be added. (http://django-secure.readthedocs.org/en/latest/index.html#usage)
- add correct values for SECURE_PROXY_SSL_HEADER for heroku
This commit is contained in:
Saurabh Kumar 2014-09-13 02:02:43 +05:30
parent 73b55998b5
commit 5d004ba6e4
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/common.py
View File

@ -56,6 +56,8 @@ class Common(Configuration):
# MIDDLEWARE CONFIGURATION # MIDDLEWARE CONFIGURATION
MIDDLEWARE_CLASSES = ( MIDDLEWARE_CLASSES = (
# Make sure djangosecure.middleware.SecurityMiddleware is listed first
'djangosecure.middleware.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware', 'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.csrf.CsrfViewMiddleware',

4
{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/production.py
View File

@ -22,6 +22,10 @@ from .common import Common
class Production(Common): class Production(Common):
# This ensures that Django will be able to detect a secure connection
# properly on Heroku.
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# INSTALLED_APPS # INSTALLED_APPS
INSTALLED_APPS = Common.INSTALLED_APPS INSTALLED_APPS = Common.INSTALLED_APPS
# END INSTALLED_APPS # END INSTALLED_APPS