BenLubar/lemoncurry
1
0
Fork 0
forked from 00dani/lemoncurry
Code Issues Pull requests Releases Wiki Activity

Ban CORS requests to the siteadmin and to the auth forms, just in case

Browse source
This commit is contained in:
Danielle McLean 2018-05-09 01:29:30 +10:00
parent 30c4c8ec8f
commit b32cefe762
Signed by untrusted user: 00dani
GPG key ID: 8EB789DDF3ABD240
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
lemoncurry/settings/base.py
View file

@ -235,6 +235,7 @@ AGENT_COOKIE_SECURE = True
# django-cors-headers # django-cors-headers
CORS_ORIGIN_ALLOW_ALL = True CORS_ORIGIN_ALLOW_ALL = True
CORS_URLS_REGEX = r'^/(?!admin|auth/(?:login|logout|indie)).*$'
# django-debug-toolbar # django-debug-toolbar
# https://django-debug-toolbar.readthedocs.io/en/stable/configuration.html # https://django-debug-toolbar.readthedocs.io/en/stable/configuration.html