Make SECURE_PROXY_SSL_HEADER setting configurable
Signed-off-by: Alfredos-Panagiotis Damkalis <fredy@fredy.gr>spacecruft
parent
4117ef7fb4
commit
cdd2cee02f
|
@ -390,7 +390,13 @@ SPECTACULAR_SETTINGS = {
|
|||
# Security
|
||||
SECRET_KEY = config('SECRET_KEY', default='changeme')
|
||||
SECURE_HSTS_SECONDS = config('SECURE_HSTS_SECONDS', default=31536000, cast=int)
|
||||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
SECURE_PROXY_SSL_HEADER = config(
|
||||
'SECURE_PROXY_SSL_HEADER', default='', cast=Csv(post_process=tuple)
|
||||
) or None
|
||||
ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost', cast=Csv())
|
||||
CORS_ALLOW_ALL_ORIGINS = config('CORS_ALLOW_ALL_ORIGINS', default=True, cast=bool)
|
||||
CORS_URLS_REGEX = config('CORS_URLS_REGEX', default=r'^(?:/api/artifacts/.*|/media/artifacts/.*)$')
|
||||
CORS_ALLOW_METHODS = config('CORS_ALLOW_METHODS', default='GET, OPTIONS', cast=Csv())
|
||||
|
@ -436,10 +442,6 @@ CSP_WORKER_SRC = config(
|
|||
CSP_CHILD_SRC = config(
|
||||
'CSP_CHILD_SRC', cast=lambda v: tuple(s.strip() for s in v.split(',')), default='blob:'
|
||||
)
|
||||
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost', cast=Csv())
|
||||
|
||||
# Database
|
||||
DATABASE_URL = config('DATABASE_URL', default='sqlite:///db.sqlite3')
|
||||
|
|
Loading…
Reference in New Issue