From 0efd49203b5fa44344c5ee07bbc6502959a7a09f Mon Sep 17 00:00:00 2001
From: Leonardo Jimenez
Date: Fri, 3 Jun 2016 11:51:28 -0700
Subject: [PATCH 1/5] Eliminate django-secure from requirements and settings files
---
 {{cookiecutter.project_slug}}/config/settings/common.py | 2 +-
 {{cookiecutter.project_slug}}/config/settings/production.py | 6 +-----
 {{cookiecutter.project_slug}}/requirements/base.txt | 1 -
 3 files changed, 2 insertions(+), 7 deletions(-)
diff --git a/{{cookiecutter.project_slug}}/config/settings/common.py b/{{cookiecutter.project_slug}}/config/settings/common.py
index 3668b4274..3e11ee433 100644
--- a/{{cookiecutter.project_slug}}/config/settings/common.py
+++ b/{{cookiecutter.project_slug}}/config/settings/common.py
@@ -53,7 +53,7 @@ INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
 # MIDDLEWARE CONFIGURATION
 # ------------------------------------------------------------------------------
 MIDDLEWARE_CLASSES = (
- # Make sure djangosecure.middleware.SecurityMiddleware is listed first
+ 'django.middleware.security.SecurityMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
diff --git a/{{cookiecutter.project_slug}}/config/settings/production.py b/{{cookiecutter.project_slug}}/config/settings/production.py
index 80302bee4..43b9b6e32 100644
--- a/{{cookiecutter.project_slug}}/config/settings/production.py
+++ b/{{cookiecutter.project_slug}}/config/settings/production.py
@@ -41,9 +41,7 @@ INSTALLED_APPS += ('djangosecure', )
 # See https://docs.getsentry.com/hosted/clients/python/integrations/django/
 INSTALLED_APPS += ('raven.contrib.django.raven_compat', )
 {%- endif %}
-SECURITY_MIDDLEWARE = (
- 'djangosecure.middleware.SecurityMiddleware',
-)
+
 {% if cookiecutter.use_whitenoise == 'y' -%}
 # Use Whitenoise to serve static files
 # See: https://whitenoise.readthedocs.io/
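Review bot: SecurityMiddleware is first in this tuple, but the ordering the removed comment insisted on is lost for production: production.py still prepends its WhiteNoise, Raven and Opbeat middleware to MIDDLEWARE_CLASSES (see the `MIDDLEWARE_CLASSES = RAVEN_MIDDLEWARE + MIDDLEWARE_CLASSES` context in this commit's `@@ -59,8 +57,6 @@` hunk, whose deleted re-prepend of SECURITY_MIDDLEWARE used to restore the order), so in production SecurityMiddleware ends up behind those three. With old-style MIDDLEWARE_CLASSES a request that WhiteNoiseMiddleware answers in process_request never reaches SecurityMiddleware.process_request, so SECURE_SSL_REDIRECT is skipped for those paths as far as I can tell. Either prepend the optional middleware after SecurityMiddleware in production.py or re-apply the ordering once the optional blocks are done, e.g. `MIDDLEWARE_CLASSES = ('django.middleware.security.SecurityMiddleware', ) + tuple(m for m in MIDDLEWARE_CLASSES if m != 'django.middleware.security.SecurityMiddleware')`. The intent is worth keeping as a comment on the new line as well: `# Keep SecurityMiddleware first: its SSL redirect runs in process_request and must see every request`.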
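Review bot: The `INSTALLED_APPS += ('djangosecure', )` line visible in this hunk's header context survives the commit while the requirements hunk drops `django-secure==1.0.1`, so a project generated at this revision should fail at startup with an import error for `djangosecure` until PATCH 3/5 removes the line. Moving that three-line removal (`# django-secure`, its rule line and the INSTALLED_APPS line) into this commit keeps every commit in the series bootable.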
@@ -59,8 +57,6 @@ RAVEN_MIDDLEWARE = (
 MIDDLEWARE_CLASSES = RAVEN_MIDDLEWARE + MIDDLEWARE_CLASSES
 {%- endif %}
-# Make sure djangosecure.middleware.SecurityMiddleware is listed first
-MIDDLEWARE_CLASSES = SECURITY_MIDDLEWARE + MIDDLEWARE_CLASSES
 {% if cookiecutter.use_opbeat == 'y' -%}
 # opbeat integration
diff --git a/{{cookiecutter.project_slug}}/requirements/base.txt b/{{cookiecutter.project_slug}}/requirements/base.txt
index f5e35acd6..67a6fd6b0 100644
--- a/{{cookiecutter.project_slug}}/requirements/base.txt
+++ b/{{cookiecutter.project_slug}}/requirements/base.txt
@@ -11,7 +11,6 @@ django==1.9.6
 # Configuration
 django-environ==0.4.0
-django-secure==1.0.1
 {% if cookiecutter.use_whitenoise == 'y' -%}
 whitenoise==3.0
 {%- endif %}
From 0fa5261f4ad307b6d3c6b67d7144f2f9c48f6e10 Mon Sep 17 00:00:00 2001
From: Leonardo Jimenez
Date: Fri, 3 Jun 2016 12:24:11 -0700
Subject: [PATCH 2/5] Include secure defaults for django security middleware
---
 {{cookiecutter.project_slug}}/config/settings/production.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/{{cookiecutter.project_slug}}/config/settings/production.py b/{{cookiecutter.project_slug}}/config/settings/production.py
index 43b9b6e32..6a2734315 100644
--- a/{{cookiecutter.project_slug}}/config/settings/production.py
+++ b/{{cookiecutter.project_slug}}/config/settings/production.py
@@ -78,9 +78,12 @@ SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
 SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
 'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True)
 SECURE_BROWSER_XSS_FILTER = True
-SESSION_COOKIE_SECURE = False
+SESSION_COOKIE_SECURE = True
 SESSION_COOKIE_HTTPONLY = True
 SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
+CSRF_COOKIE_SECURE = True
+CSRF_COOKIE_HTTPONLY = True
+X_FRAME_OPTIONS = 'DENY'
 # SITE CONFIGURATION
 # ------------------------------------------------------------------------------
From 54575f02de700c151c2c6bb3dec8adc5d1dcd3c8 Mon Sep 17 00:00:00 2001
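Review bot: `CSRF_COOKIE_HTTPONLY = True` breaks the AJAX pattern Django documents for CSRF, reading the `csrftoken` cookie from JavaScript, so any front-end doing that starts getting 403s after this change, and the Django setting docs themselves say it offers little practical protection since CSRF only concerns cross-origin requests. Make it opt-out like the neighbouring settings, `CSRF_COOKIE_HTTPONLY = env.bool('DJANGO_CSRF_COOKIE_HTTPONLY', default=True)`, with a comment noting the AJAX implication. `X_FRAME_OPTIONS = 'DENY'` only takes effect if `django.middleware.clickjacking.XFrameOptionsMiddleware` is in MIDDLEWARE_CLASSES; the common.py hunk in PATCH 1/5 shows only the first entries of that tuple, so worth confirming. The hardcoded `SESSION_COOKIE_SECURE = True` and `CSRF_COOKIE_SECURE = True` are the right defaults, but they silently make both cookies unusable for anyone who sets `DJANGO_SECURE_SSL_REDIRECT=False` to run without TLS; a one-line comment above them stating that they assume HTTPS end to end would save that debugging session.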
From: Jeremy Carbaugh
Date: Fri, 3 Jun 2016 12:29:20 -0700
Subject: [PATCH 3/5] Add settings required by SecurityMiddleware also remove django-secure in prod settings
---
 .../config/settings/production.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/{{cookiecutter.project_slug}}/config/settings/production.py b/{{cookiecutter.project_slug}}/config/settings/production.py
index 6a2734315..1fc16a537 100644
--- a/{{cookiecutter.project_slug}}/config/settings/production.py
+++ b/{{cookiecutter.project_slug}}/config/settings/production.py
@@ -33,9 +33,6 @@ SECRET_KEY = env('DJANGO_SECRET_KEY')
 # properly on Heroku.
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
-# django-secure
-# ------------------------------------------------------------------------------
-INSTALLED_APPS += ('djangosecure', )
 {% if cookiecutter.use_sentry == 'y' -%}
 # raven sentry client
 # See https://docs.getsentry.com/hosted/clients/python/integrations/django/
@@ -71,6 +68,12 @@ MIDDLEWARE_CLASSES = (
 'opbeat.contrib.django.middleware.OpbeatAPMMiddleware',
 ) + MIDDLEWARE_CLASSES
 {%- endif %}
+
+# SECURITY CONFIGURATION
+# ------------------------------------------------------------------------------
+# See https://docs.djangoproject.com/en/1.9/ref/middleware/#module-django.middleware.security
+# and https://docs.djangoproject.com/ja/1.9/howto/deployment/checklist/#run-manage-py-check-deploy
+
 # set this to 60 seconds and then to 518400 when you can prove it works
 SECURE_HSTS_SECONDS = 60
 SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
@@ -78,11 +81,14 @@ SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
 SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
 'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True)
 SECURE_BROWSER_XSS_FILTER = True
+
 SESSION_COOKIE_SECURE = True
 SESSION_COOKIE_HTTPONLY = True
+
 SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
 CSRF_COOKIE_SECURE = True
 CSRF_COOKIE_HTTPONLY = True
+
 X_FRAME_OPTIONS = 'DENY'
 # SITE CONFIGURATION
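Review bot: The second documentation link in the new SECURITY CONFIGURATION header points at the Japanese translation, `# and https://docs.djangoproject.com/ja/1.9/howto/deployment/checklist/#run-manage-py-check-deploy`; the anchor resolves but readers land on a translated page, so use `/en/1.9/` like the line above it. The `# set this to 60 seconds and then to 518400 when you can prove it works` line now sits under that header while `SECURE_HSTS_SECONDS = 60` stays hardcoded; unlike every neighbouring SECURE_* setting it cannot be raised without editing the generated file, so `SECURE_HSTS_SECONDS = env.int('DJANGO_SECURE_HSTS_SECONDS', default=60)` would match the surrounding style, assuming the pinned django-environ exposes `env.int` as current releases do. The blank lines added in the `@@ -78,11 +81,14 @@` hunk are removed again by PATCH 4/5, so the two could be squashed.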
From a7eb85208d1908276fe91960a4d2b558d60bd577 Mon Sep 17 00:00:00 2001
From: Leonardo Jimenez
Date: Fri, 3 Jun 2016 13:22:52 -0700
Subject: [PATCH 4/5] Eliminate empty spaces generated on Jinja on config/settings/production.py
---
 .../config/settings/production.py | 33 +++++++------------
 1 file changed, 12 insertions(+), 21 deletions(-)
diff --git a/{{cookiecutter.project_slug}}/config/settings/production.py b/{{cookiecutter.project_slug}}/config/settings/production.py
index 1fc16a537..346bf7cb6 100644
--- a/{{cookiecutter.project_slug}}/config/settings/production.py
+++ b/{{cookiecutter.project_slug}}/config/settings/production.py
@@ -29,33 +29,26 @@ from .common import * # noqa
 # Raises ImproperlyConfigured exception if DJANGO_SECRET_KEY not in os.environ
 SECRET_KEY = env('DJANGO_SECRET_KEY')
+
 # This ensures that Django will be able to detect a secure connection
 # properly on Heroku.
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
-
-{% if cookiecutter.use_sentry == 'y' -%}
+{%- if cookiecutter.use_sentry == 'y'-%}
 # raven sentry client
 # See https://docs.getsentry.com/hosted/clients/python/integrations/django/
 INSTALLED_APPS += ('raven.contrib.django.raven_compat', )
-{%- endif %}
-
-{% if cookiecutter.use_whitenoise == 'y' -%}
+{% endif %}
+{%- if cookiecutter.use_whitenoise == 'y' %}
 # Use Whitenoise to serve static files
 # See: https://whitenoise.readthedocs.io/
-WHITENOISE_MIDDLEWARE = (
- 'whitenoise.middleware.WhiteNoiseMiddleware',
-)
+WHITENOISE_MIDDLEWARE = ('whitenoise.middleware.WhiteNoiseMiddleware', )
 MIDDLEWARE_CLASSES = WHITENOISE_MIDDLEWARE + MIDDLEWARE_CLASSES
-{%- endif %}
-{% if cookiecutter.use_sentry == 'y' -%}
-RAVEN_MIDDLEWARE = (
- 'raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware',
-)
+{% endif %}
+{%- if cookiecutter.use_sentry == 'y' -%}
+RAVEN_MIDDLEWARE = ('raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware', )
 MIDDLEWARE_CLASSES = RAVEN_MIDDLEWARE + MIDDLEWARE_CLASSES
-{%- endif %}
-
-
-{% if cookiecutter.use_opbeat == 'y' -%}
+{% endif %}
+{%- if cookiecutter.use_opbeat == 'y' -%}
 # opbeat integration
 # See https://opbeat.com/languages/django/
 INSTALLED_APPS += ('opbeat.contrib.django',)
@@ -67,7 +60,7 @@ OPBEAT = {
 MIDDLEWARE_CLASSES = (
 'opbeat.contrib.django.middleware.OpbeatAPMMiddleware',
 ) + MIDDLEWARE_CLASSES
-{%- endif %}
+{% endif %}
 # SECURITY CONFIGURATION
 # ------------------------------------------------------------------------------
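Review bot: `{%- if cookiecutter.use_sentry == 'y'-%}` strips the newline on both sides, and this block is preceded by a code line rather than a tag, so with use_sentry enabled the rendered file should read `SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')# raven sentry client` (still valid Python, but not the intended layout); the same join reaches `{%- if cookiecutter.use_opbeat == 'y' -%}` when sentry and whitenoise are both off, because the intervening `{% endif %}` tags emit nothing and each `{%-` eats the newline before it. This follows from Jinja's whitespace-control semantics unless cookiecutter's environment is configured differently, so please render once per option combination to confirm. Dropping the trailing `-` on the three `if` tags so they match the whitenoise one, `{%- if cookiecutter.use_sentry == 'y' %}` for both sentry blocks and `{%- if cookiecutter.use_opbeat == 'y' %}`, keeps the following comment on its own line in every case. The missing space in `'y'-%}` is also inconsistent with the other tags even if the lexer accepts it.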
@@ -81,14 +74,11 @@ SECURE_HSTS_INCLUDE_SUBDOMAINS = env.bool(
 SECURE_CONTENT_TYPE_NOSNIFF = env.bool(
 'DJANGO_SECURE_CONTENT_TYPE_NOSNIFF', default=True)
 SECURE_BROWSER_XSS_FILTER = True
-
 SESSION_COOKIE_SECURE = True
 SESSION_COOKIE_HTTPONLY = True
-
 SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
 CSRF_COOKIE_SECURE = True
 CSRF_COOKIE_HTTPONLY = True
-
 X_FRAME_OPTIONS = 'DENY'
 # SITE CONFIGURATION
@@ -100,6 +90,7 @@ ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['{{cookiecutter.domain
 INSTALLED_APPS += ('gunicorn', )
+
 # STORAGE CONFIGURATION
 # ------------------------------------------------------------------------------
 # Uploaded Media Files
From c5e984cf2365dba59061b930fe5fa14571c25659 Mon Sep 17 00:00:00 2001
From: Leonardo Jimenez
Date: Fri, 3 Jun 2016 23:55:51 -0700
Subject: [PATCH 5/5] Include Licensing on the template
---
 LICENSE | 43 +++++++++++++++++++++++++++++++++++++------
 1 file changed, 37 insertions(+), 6 deletions(-)
diff --git a/LICENSE b/LICENSE
index 9a5d2fc08..2afdb0d8c 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,4 +1,17 @@
-Copyright (c) 2013-2016, Daniel Greenfeld
+{% if cookiecutter.open_source_license == 'MIT' %}
+MIT License
+
+Copyright (c) {% now 'local', '%Y' %}, {{ cookiecutter.full_name }}
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+{% elif cookiecutter.open_source_license == 'BSD' %}
+BSD License
+
+Copyright (c) {% now 'local', '%Y' %}, {{ cookiecutter.full_name }}
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -11,9 +24,9 @@ are permitted provided that the following conditions are met:
 list of conditions and the following disclaimer in the documentation and/or
 other materials provided with the distribution.
 
-* Neither the name of Cookiecutter Django nor the names of its contributors may
- be used to endorse or promote products derived from this software without
- specific prior written permission.
+* Neither the name of {{ cookiecutter.project_name }} nor the names of its
+ contributors may be used to endorse or promote products derived from this
+ software without specific prior written permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
@@ -21,7 +34,25 @@ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIME
 IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 OF THE POSSIBILITY OF SUCH DAMAGE.
+{% elif cookiecutter.open_source_license == 'Apache Software License 2.0' %}
+Apache Software License 2.0
+
+Copyright (c) {% now 'local', '%Y' %}, {{ cookiecutter.full_name }}
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+{% endif %}