Closed
Bug 741396
Opened 13 years ago
Closed 13 years ago
Need update to settings.py file
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: jfong, Assigned: bburton)
References
()
Details
Please update settings.py on both dev and stage with the new csp values located in settings_local.py-dist, located on the following lines:
183: 'commonware.response.middleware.StrictTransportMiddleware',
187: 'django.middleware.csrf.CsrfViewMiddleware',
230-231: 'csp',
363-364: SESSION_COOKIE_SECURE = True
366-381: CSP settings (the entire section)
|
||
Comment 1•13 years ago
|
||
ping on this, we are trying to verify a bug on dev to fix our stage environment.
Right now our stage environment displays an error.
Many thanks.
|
|
||
Comment 2•13 years ago
|
||
I'm confused... normally the base settings.py is in github and we (IT) don't touch it. We only deal with local.py (or settings_local.py).
Is this bug in the right product/component?
|
|
Reporter | |
Comment 3•13 years ago
|
||
Jake:
This project doesn't have a local.py/base.py configuration structure. It only has a settings.py which acts as both in this instance.
|
|
Reporter | |
Comment 4•13 years ago
|
||
Jake:
As a side note, in this project, settings_local.py-dist is the sample reference file but the server does have a local settings.py file that has the real session secret and other configuration details.
|
|
Assignee | |
Comment 5•13 years ago
|
||
The IT managed settings file is settings_local.py
I'll apply this change shortly
Assignee: server-ops → bburton
Status: NEW → ASSIGNED
|
|
||
Comment 6•13 years ago
|
||
Brandon,
Can you hold off on this for a few. Jenn is waiting for a code review with some more changes.
She will put a note here after the merge is complete and we can move forward.
|
|
Assignee | |
Comment 7•13 years ago
|
||
Sure, if you would PM me on irc when you're ready, that'd be great.
Thanks
|
|
Reporter | |
Comment 8•13 years ago
|
||
Final official list of changes on lines:
115-130: update TEMPLATE_CONTEXT_PROCESSORS
183-199: updated MIDDLEWARE_CLASSES
203-263: update INSTALLED_APPS
334-337: update AUTHENTICATION_BACKENDS
374-376: add SESSION_COOKIE_SECURE, SESSION_COOKIE_HTTPONLY
381-402: add CSP and STATSD
|
|
Assignee | |
Comment 9•13 years ago
|
||
New settings/changes merged into IT managed settings_local.py
Pushed live to -dev
Also, I noticed you added some statsd stuff, but there isn't a statsd server, port, or prefix defined.
Did you want that setup yet?
|
|
Reporter | |
Updated•13 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
|
|
Reporter | |
Updated•13 years ago
|
Status: RESOLVED → VERIFIED
|
||
Updated•12 years ago
|
Component: Server Operations: Web Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
|
||
Updated•6 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•