Verified Commit 5895b2a2 authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Set two more security headers

Enable X-Content-Type-Options to prevent a browser from sniffing the
MIME type if the content type is not set. Enable cross site filter
protection supported by most browsers.
parent e8e80f35
......@@ -51,6 +51,7 @@
......@@ -81,6 +82,12 @@
# Clickjacking protection
# X-Content-Type-Options, stops browsers from trying to MIME-sniff the content type
# X-XSS-Protection, enables cross-site scripting filter in most browsers
# Use new test runner
TEST_RUNNER = 'django.test.runner.DiscoverRunner'
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment