Ban CORS requests to the siteadmin and to the auth forms, just in case
This commit is contained in:
parent
30c4c8ec8f
commit
b32cefe762
1 changed files with 1 additions and 0 deletions
|
@ -235,6 +235,7 @@ AGENT_COOKIE_SECURE = True
|
||||||
|
|
||||||
# django-cors-headers
|
# django-cors-headers
|
||||||
CORS_ORIGIN_ALLOW_ALL = True
|
CORS_ORIGIN_ALLOW_ALL = True
|
||||||
|
CORS_URLS_REGEX = r'^/(?!admin|auth/(?:login|logout|indie)).*$'
|
||||||
|
|
||||||
# django-debug-toolbar
|
# django-debug-toolbar
|
||||||
# https://django-debug-toolbar.readthedocs.io/en/stable/configuration.html
|
# https://django-debug-toolbar.readthedocs.io/en/stable/configuration.html
|
||||||
|
|
Loading…
Reference in a new issue