Enable django security middleware

RESOLVED FIXED

Status

Participation Infrastructure
Phonebook
RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: nemo, Assigned: nemo)

Tracking

2016-5.2

Details

(Assignee)

Description

2 years ago
Django 1.8 provides some new security features provided in django security middleware [1]. Let's enable it in mozillians.org.

[1] https://docs.djangoproject.com/en/1.8/ref/middleware/#module-django.middleware.security

Comment 1

2 years ago
Commits pushed to master at https://github.com/mozilla/mozillians

https://github.com/mozilla/mozillians/commit/19811b94ba364f1f104500abacee4d0d5bae1751
[Fix bug 1275551] Enable django security middleware.

Sets the following HTTP headers:
 - X-XSS-Protection: 1; mode=block
 - X-Content-Type-Options: nosniff

https://github.com/mozilla/mozillians/commit/78b97bf0f46bb552de885343a3cd3415aab12e7e
Merge pull request #1456 from johngian/1275551-django-sec-middleware

[Fix bug 1275551] Enable django security middleware.

Updated

2 years ago
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
(Assignee)

Updated

2 years ago
Target Milestone: --- → next
(Assignee)

Updated

2 years ago
Assignee: nobody → jgiannelos
(Assignee)

Updated

2 years ago
Target Milestone: next → ---
Version: other → next
(Assignee)

Updated

2 years ago
Version: next → 2016-5.2
You need to log in before you can comment on or make changes to this bug.