From d9ed90b729161dd17cc91b04e703a5373b4dcb0d Mon Sep 17 00:00:00 2001 From: Philip Sargent Date: Wed, 26 Oct 2022 00:20:47 +0100 Subject: [PATCH] update for old PC settings --- .gitignore | 1 + security-warnings.txt | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 2953506..c2833d4 100644 --- a/.gitignore +++ b/.gitignore @@ -130,3 +130,4 @@ _deploy/wsl/localsettingsWSL.py.bak therionrefs.log _1623-and-1626.svx _1623-and-1626-no-schoenberg-hs.svx +localsettings-oldMuscogee.py diff --git a/security-warnings.txt b/security-warnings.txt index 236f7c9..11f4f2c 100644 --- a/security-warnings.txt +++ b/security-warnings.txt @@ -1,10 +1,9 @@ System check identified some issues: WARNINGS: -?: (admin.W411) 'django.template.context_processors.request' must be enabled in DjangoTemplates (TEMPLATES) in order to use the admin navigation sidebar. ?: (security.W001) You do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT settings will have no effect. ?: (security.W012) SESSION_COOKIE_SECURE is not set to True. Using a secure-only session cookie makes it more difficult for network traffic sniffers to hijack user sessions. ?: (security.W016) You have 'django.middleware.csrf.CsrfViewMiddleware' in your MIDDLEWARE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token. ?: (security.W018) You should not have DEBUG set to True in deployment. -System check identified 5 issues (0 silenced). +System check identified 4 issues (0 silenced).