Skip to content

Commit

Permalink
Apply Dockerflow middleware before security middleware
Browse files Browse the repository at this point in the history 
This ensures Dockerflow routes do not enforce security features such
as ALLOWED_HOSTS.
  • Loading branch information
Adrian Utrilla committed Apr 29, 2019
1 parent 46ca9e8 commit fb98bca
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion buildhub/settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -134,11 +134,11 @@ class Core(Configuration, AWS, CORS, Whitenoise, CSP, Backfill):
]

MIDDLEWARE = [
"dockerflow.django.middleware.DockerflowMiddleware",
"django.middleware.security.SecurityMiddleware",
"corsheaders.middleware.CorsMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"dockerflow.django.middleware.DockerflowMiddleware",
"csp.middleware.CSPMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"buildhub.middleware.StatsMiddleware",
Expand Down

0 comments on commit fb98bca

Please sign in to comment.