Skip to content

Commit

Permalink
Update security settings
Browse files Browse the repository at this point in the history
  • Loading branch information
@tudoramariei
tudoramariei committed Dec 27, 2023
1 parent 5311b69 commit dcc5d59
Showing 1 changed file with 14 additions and 1 deletion.
15 changes: 14 additions & 1 deletion backend/redirectioneaza/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,10 @@
DONATIONS_LIMIT_DATE=(str, "2016-05-25"),
DONATIONS_LIMIT_TO_CURRENT_YEAR=(bool, True),
DEFAULT_NGO_LOGO=(str, "https://storage.googleapis.com/redirectioneaza/logo_bw.png"),
# security settings
ALLOWED_HOSTS=(list, ["*"]),
CORS_ALLOWED_ORIGINS=(list, []),
CORS_ALLOW_ALL_ORIGINS=(bool, False),
# zipping settings
ZIPPY_URL=(str, "zippy:8000"),
# email settings
Expand Down Expand Up @@ -90,8 +94,17 @@
DJANGO_ADMIN_PASSWORD = env.str("DJANGO_ADMIN_PASSWORD", None)
DJANGO_ADMIN_EMAIL = env.str("DJANGO_ADMIN_EMAIL", None)

ALLOWED_HOSTS = []
# Security settings

ALLOWED_HOSTS = env.list("ALLOWED_HOSTS")

CSRF_HEADER_NAME = "HTTP_X_XSRF_TOKEN"
CSRF_COOKIE_NAME = "XSRF-TOKEN"

CORS_ALLOWED_ORIGINS = env.list("CORS_ALLOWED_ORIGINS")
CORS_ALLOW_ALL_ORIGINS = env.bool("CORS_ALLOW_ALL_ORIGINS")

# Application definition
APPEND_SLASH = True

# some settings will be different if it's not running in a container (e.g., locally, on a Mac)
Expand Down

0 comments on commit dcc5d59

Please sign in to comment.