From d13d52d48b817239299fa9a00164e63288aa0a46 Mon Sep 17 00:00:00 2001 From: KK Date: Tue, 4 Feb 2025 11:47:02 +0100 Subject: [PATCH] fix(settings): do not remove clickjacking MIDDLEWARE Keep `MIDDLEWARE` inherited from apis-acdhch-default-settings as-is to be able to confirm effectiveness of updated CSP settings. Fixes: #107 --- apis_ontology/settings.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/apis_ontology/settings.py b/apis_ontology/settings.py index d94d130..0f394d5 100644 --- a/apis_ontology/settings.py +++ b/apis_ontology/settings.py @@ -12,9 +12,6 @@ INSTALLED_APPS = ["apis_core.relations"] + INSTALLED_APPS INSTALLED_APPS += ["apis_core.documentation"] -if "django.middleware.clickjacking.XFrameOptionsMiddleware" in MIDDLEWARE: - MIDDLEWARE.remove("django.middleware.clickjacking.XFrameOptionsMiddleware") - # Content Security Policy settings # TODO remove variable once it has been added to apis-acdhch-default-settings