|@@ -100,11 +100,11 @@ def get_from_env(var, default):|
|SESSION_COOKIE_HTTPONLY = True|
|# one week HSTS seems like a good balance for MITM prevention|
|# let's go with one year because that's the way to do it now|
|if (get_from_env('HSTS', '0') == '1'):|
|SECURE_HSTS_SECONDS = 3600 * 24 * 7|
|SECURE_HSTS_SECONDS = 52 * 3600 * 24 * 7|
|# not doing subdomains for now cause that is not likely to be necessary and can screw things up.|
|SECURE_HSTS_INCLUDE_SUBDOMAINS = False|
|SECURE_HSTS_INCLUDE_SUBDOMAINS = True|
|SECURE_BROWSER_XSS_FILTER = True|
|SECURE_CONTENT_TYPE_NOSNIFF = True|
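Review bot: The comment above `SECURE_HSTS_INCLUDE_SUBDOMAINS` still says subdomains are not being done, yet the setting now appears to be `True` (assuming the second line of each printed pair is the new side), so the comment contradicts the code. Combined with a max-age of `52 * 3600 * 24 * 7` seconds, any subdomain that cannot serve valid HTTPS becomes unreachable for about a year in browsers that cached the policy, and the server cannot quickly undo that. I would replace the comment with something like `# includeSubDomains is on: every subdomain of this host must serve valid HTTPS before HSTS=1 is set`. It may also be safer to raise the max-age in steps rather than going straight from a week to a year. If the "one week HSTS" comment above the `if` was kept, it is out of date as well.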