Skip to content

Commit

Permalink
fix(settings): do not remove clickjacking MIDDLEWARE
Browse files Browse the repository at this point in the history 
Keep `MIDDLEWARE` inherited from apis-acdhch-default-settings
as-is to be able to confirm effectiveness of updated CSP settings.

Fixes: #107
  • Loading branch information
@koeaw
koeaw committed Feb 4, 2025
1 parent fca7e94 commit d13d52d
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions apis_ontology/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,9 +12,6 @@
INSTALLED_APPS = ["apis_core.relations"] + INSTALLED_APPS
INSTALLED_APPS += ["apis_core.documentation"]

if "django.middleware.clickjacking.XFrameOptionsMiddleware" in MIDDLEWARE:
MIDDLEWARE.remove("django.middleware.clickjacking.XFrameOptionsMiddleware")


# Content Security Policy settings
# TODO remove variable once it has been added to apis-acdhch-default-settings
Expand Down

0 comments on commit d13d52d

Please sign in to comment.