00dani
/
lemoncurry
1
0
Fork 1
Code Issues Pull Requests Releases Wiki Activity

Ban CORS requests to the siteadmin and to the auth forms, just in case

This commit is contained in:
Danielle McLean 2018-05-09 01:29:30 +10:00
parent 30c4c8ec8f
commit b32cefe762
Signed by: 00dani
GPG Key ID: 8EB789DDF3ABD240
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lemoncurry/settings/base.py
View File

@ -235,6 +235,7 @@ AGENT_COOKIE_SECURE = True
# django-cors-headers
CORS_ORIGIN_ALLOW_ALL = True
CORS_URLS_REGEX = r'^/(?!admin|auth/(?:login|logout|indie)).*$'
# django-debug-toolbar
# https://django-debug-toolbar.readthedocs.io/en/stable/configuration.html