cookiecutter/cookiecutter-django
1
1
Fork 0
mirror of https://github.com/cookiecutter/cookiecutter-django.git synced 2025-07-10 16:12:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #130 from theskumar/fix-dj-secure

Browse Source 
fix(security/dj-secure): add missing middleware of django-secure
This commit is contained in:
Saurabh Kumar 2014-09-16 23:06:31 +05:30
commit 8695c83fdf
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/common.py
View File

@ -56,6 +56,8 @@ class Common(Configuration):
# MIDDLEWARE CONFIGURATION # MIDDLEWARE CONFIGURATION
MIDDLEWARE_CLASSES = ( MIDDLEWARE_CLASSES = (
# Make sure djangosecure.middleware.SecurityMiddleware is listed first
'djangosecure.middleware.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware', 'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware', 'django.middleware.csrf.CsrfViewMiddleware',

4
{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/production.py
View File

@ -22,6 +22,10 @@ from .common import Common
class Production(Common): class Production(Common):
# This ensures that Django will be able to detect a secure connection
# properly on Heroku.
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# INSTALLED_APPS # INSTALLED_APPS
INSTALLED_APPS = Common.INSTALLED_APPS INSTALLED_APPS = Common.INSTALLED_APPS
# END INSTALLED_APPS # END INSTALLED_APPS