The settings for the SecurityMiddleware as they appear in django-secure are:
SECURE_HSTS_SECONDS=0 SECURE_HSTS_INCLUDE_SUBDOMAINS=False SECURE_CONTENT_TYPE_NOSNIFF=False SECURE_BROWSER_XSS_FILTER=False SECURE_SSL_REDIRECT=False SECURE_SSL_HOST=None SECURE_REDIRECT_EXEMPT=[] Yo-Yo, would be helpful to say *why* you are -1 so we can take that into consideration. On Thursday, August 28, 2014 2:45:07 AM UTC-4, Yo-Yo Ma wrote: > > +1 on basically adding the functionality of checksecure to the default > validation. > > -1 to adding the middleware. > -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/1903db9f-8ea9-4303-9d99-8431c7a4976d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
