altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 3 Packages Projects Releases Wiki Activity

fix: X-Frame-Options can only be DENY or SAMEORIGIN these days (#3634)

Browse source
This commit is contained in:
Lars Eggert 2022-03-14 18:42:20 +02:00 committed by GitHub
parent 646b7e52ad
commit 5125bb16ef
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ietf/settings.py
View file

@ -326,7 +326,7 @@ UTILS_LOGGER_LEVELS: Dict[str, str] = {
# ------------------------------------------------------------------------
X_FRAME_OPTIONS = 'ALLOW-FROM ietf.org *.ietf.org meetecho.com *.meetecho.com gather.town *.gather.town'
X_FRAME_OPTIONS = 'SAMEORIGIN'
CSRF_TRUSTED_ORIGINS = ['ietf.org', '*.ietf.org', 'meetecho.com', '*.meetecho.com', 'gather.town', '*.gather.town', ]
CSRF_COOKIE_SAMESITE = 'None'
CSRF_COOKIE_SECURE = True