settings: Enable 'XFrameOptionsMiddleware'

This provides basic click jacking protection. This was identified using 'manage.py check --deploy'. Signed-off-by: Stephen Finucane <stephen@that.guru>
author: Stephen Finucane <stephen@that.guru> 2017-05-18 21:23:59 +0100
committer: Stephen Finucane <stephen@that.guru> 2017-05-18 21:24:15 +0100
commit: 7ed81278049d42dd4206235247346711e0e74fc5 (patch)
tree: 2bc15564dd01d418ee05cb6e9b6e8e5e142755e2
parent: 932abc2c662624a3b1456e1d6e30358e05dbfbea (diff)
download: patchwork-7ed81278049d42dd4206235247346711e0e74fc5.tar
patchwork-7ed81278049d42dd4206235247346711e0e74fc5.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/patchwork/settings/base.py b/patchwork/settings/base.py
index 8776a5e..fb6a765 100644
--- a/patchwork/settings/base.py
+++ b/patchwork/settings/base.py
@@ -32,6 +32,7 @@ _MIDDLEWARE_CLASSES = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
 ]
 
 if django.VERSION >= (1, 7):
author	Stephen Finucane <stephen@that.guru>	2017-05-18 21:23:59 +0100
committer	Stephen Finucane <stephen@that.guru>	2017-05-18 21:24:15 +0100
commit	7ed81278049d42dd4206235247346711e0e74fc5 (patch)
tree	2bc15564dd01d418ee05cb6e9b6e8e5e142755e2
parent	932abc2c662624a3b1456e1d6e30358e05dbfbea (diff)
download	patchwork-7ed81278049d42dd4206235247346711e0e74fc5.tar patchwork-7ed81278049d42dd4206235247346711e0e74fc5.tar.gz