skrd/musiclist-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
5f5abd178dfb89a1268a7c0cc1c0ca40dec58323
musiclist-server/musiclist/settings/prod.py
Daniel Cortes 11087c3a89 Only allow musiclist as cors origin
2020-06-03 16:02:14 -04:00

20 lines
459 B
Python
Raw Blame History

from . import *
DEBUG = False
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
ALLOWED_HOSTS = ['musiclist-api.danielcortes.xyz']
CORS_ORIGIN_ALLOW_ALL = False
CORS_ORIGIN_WHITELIST = [
'musiclist.danielcortes.xyz',
]
"""Security"""
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_REFERRER_POLICY = 'strict-origin'
Reference in New Issue View Git Blame Copy Permalink