From 4a19bd1971bf0491e2d73bf857edb7d1b85dcf42 Mon Sep 17 00:00:00 2001 From: PCoder Date: Wed, 18 Jul 2018 21:48:39 +0200 Subject: [PATCH 1/2] Set X_FRAME_OPTIONS from env --- dynamicweb/settings/base.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/dynamicweb/settings/base.py b/dynamicweb/settings/base.py index 75dfaa73..d526881f 100644 --- a/dynamicweb/settings/base.py +++ b/dynamicweb/settings/base.py @@ -702,6 +702,12 @@ if ENABLE_LOGGING: TEST_MANAGE_SSH_KEY_PUBKEY = env('TEST_MANAGE_SSH_KEY_PUBKEY') TEST_MANAGE_SSH_KEY_HOST = env('TEST_MANAGE_SSH_KEY_HOST') +X_FRAME_OPTIONS_ALLOW_FROM_URI = env('X_FRAME_OPTIONS_ALLOW_FROM_URI') +X_FRAME_OPTIONS = ('SAMEORIGIN' if X_FRAME_OPTIONS_ALLOW_FROM_URI is None else + 'ALLOW-FROM {}'.format( + X_FRAME_OPTIONS_ALLOW_FROM_URI.strip() + )) + DEBUG = bool_env('DEBUG') if DEBUG: From 1291b49ec34524086a84bac29a890d78d113659c Mon Sep 17 00:00:00 2001 From: PCoder Date: Wed, 18 Jul 2018 21:49:11 +0200 Subject: [PATCH 2/2] Reformat base.py --- dynamicweb/settings/base.py | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/dynamicweb/settings/base.py b/dynamicweb/settings/base.py index d526881f..7d333a2f 100644 --- a/dynamicweb/settings/base.py +++ b/dynamicweb/settings/base.py @@ -2,16 +2,15 @@ Copyright 2015 ungleich. """ +import json +import logging # -*- coding: utf-8 -*- # Build paths inside the project like this: os.path.join(BASE_DIR, ...) import os -import json - -from django.utils.translation import ugettext_lazy as _ # dotenv import dotenv -import logging +from django.utils.translation import ugettext_lazy as _ logger = logging.getLogger(__name__) @@ -56,6 +55,7 @@ PROJECT_DIR = os.path.abspath( dotenv.read_dotenv("{0}/.env".format(PROJECT_DIR)) from multisite import SiteID + SITE_ID = SiteID(default=1) APP_ROOT_ENDPOINT = "/" @@ -580,7 +580,6 @@ MULTISITE_FALLBACK_KWARGS = { FILER_ENABLE_PERMISSIONS = True - ############################################# # configurations for opennebula-integration # #############################################