18 lines
478 B
Python
18 lines
478 B
Python
from . import *
|
|
|
|
DEBUG = False
|
|
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
|
|
ALLOWED_HOSTS = ['musiclist-api.danielcortes.xyz']
|
|
|
|
CORS_ORIGIN_ALLOW_ALL = False
|
|
CORS_ORIGIN_WHITELIST = ['musiclist.danielcortes.xyz', 'localhost', '127.0.0.1']
|
|
|
|
"""Security"""
|
|
SECURE_HSTS_SECONDS = 31536000
|
|
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
|
SECURE_HSTS_PRELOAD = True
|
|
SECURE_SSL_REDIRECT = True
|
|
SESSION_COOKIE_SECURE = True
|
|
CSRF_COOKIE_SECURE = True
|
|
SECURE_REFERRER_POLICY = 'strict-origin'
|