Add some secure settings

This commit is contained in:
Gabriel Augendre 2020-08-21 13:40:02 +02:00
parent 02f64aef12
commit d53d4f9823

View file

@ -53,6 +53,10 @@ HOSTS = os.getenv("HOSTS")
if HOSTS:
ALLOWED_HOSTS.extend(HOSTS.split(";"))
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
SESSION_COOKIE_SECURE = not DEBUG
CSRF_COOKIE_SECURE = not DEBUG
# Application definition