Added translation support. #369
Some food for thought
django_clone/settings.py
Outdated
| LANGUAGE_CODE = "en" | ||
|
|
||
| # Tell Django where the project's translation files should be. | ||
| LOCALE_PATHS=( |
Consider setting SECURE_HSTS_SECONDS if the website is to be accessed exclusively via HTTPS. This reduces the chance of a Man In The Middle attack because modern browsers will block HTTP requests to your website. Start with a small number and increase once you're confident HTTPS works on your website.
Consider setting SECURE_HSTS_INCLUDE_SUBDOMAINS if all subdomains of the website are to be accessed exclusively via HTTPS. This extends the HSTS protection to subdomains too, further reducing the chance of a Man In The Middle attack because modern browsers will block HTTP requests to your website.
Consider setting SECURE_HSTS_PRELOAD to facilitate adding your website to the browser preload list.
Consider setting SECURE_CONTENT_TYPE_NOSNIFF to prevent the security hole that if the MIME type is missing from a response's content-type header then the browser will infer the MIME type based on the content and so execute any nefarious JavaScript/HTML that a bad actor managed to upload to your website.
Consider setting SECURE_SSL_REDIRECT to prevent users from accessing the website over HTTP. HTTP connections allow bad actors to intercept passwords and session cookies, and to easily change the contents of the request or response.
Consider setting SESSION_COOKIE_SECURE to prevent cookies from being sent over non-HTTPS connections. Cookies sent over insecure HTTP connections can be intercepted by hackers.
Consider setting CSRF_COOKIE_SECURE to prevent the CSRF cookies from being vulnerable to packet sniff attack.
django_clone/settings.py
Outdated
| # Tell Django where the project's translation files should be. | ||
| LOCALE_PATHS=( | ||
| os.path.join(BASE_DIR, "model_clone", "locale"), | ||
| ) |
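Review bot: `LOCALE_PATHS=(` is missing the spaces around `=`; write `LOCALE_PATHS = (` so it matches `LANGUAGE_CODE = "en"` just above it in the same file. If `model_clone` is listed in INSTALLED_APPS, Django already searches that app's `locale` directory, so it is worth checking whether this setting is needed at all.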
| ) | |
| ) | |
| SECURE_HSTS_SECONDS = 3600 | |
| SECURE_HSTS_INCLUDE_SUBDOMAINS = True | |
| SECURE_CONTENT_TYPE_NOSNIFF = True | |
| SECURE_SSL_REDIRECT = os.getenv("SECURE_SSL_REDIRECT_ENABLED") != "False" | |
| SESSION_COOKIE_SECURE = os.getenv("SESSION_COOKIE_SECURE_ENABLED") != "False" | |
| CSRF_COOKIE_SECURE = os.getenv("CSRF_COOKIE_SECURE_ENABLED") != "False" | |
| SECURE_HSTS_PRELOAD = True |
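Review bot: The three environment-driven lines (SECURE_SSL_REDIRECT, SESSION_COOKIE_SECURE, CSRF_COOKIE_SECURE) compare against the exact string "False", so a value such as `false`, `0` or `no` leaves each setting enabled, which is easy to misread when someone sets the variable to switch it off for local HTTP development. Normalise the value before comparing (strip and lower-case it, then test against a small set of accepted "off" values) and document the three variable names. Separately, SECURE_HSTS_PRELOAD = True is set unconditionally beside SECURE_HSTS_SECONDS = 3600; confirm that preload is intended while the max-age is still the small starting value the earlier comment recommends.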
for more information, see https://pre-commit.ci
Some things to consider
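One way to confirm from the outside that the settings named in the review comments above actually take effect, as an added example that is not part of this pull request or the bot's review. It assumes Django's default cookie names (`sessionid`, `csrftoken`); the function names, sample headers and `example.test` URL are constructed for illustration.

```python
from http.cookies import SimpleCookie

def parse_hsts(value):
    """Split a Strict-Transport-Security value into (max_age, subdomains, preload)."""
    max_age, subdomains, preload = 0, False, False
    for part in value.split(";"):
        token = part.strip().lower()
        if token.startswith("max-age="):
            digits = token[len("max-age="):].strip('"')
            max_age = int(digits) if digits.isdigit() else 0
        elif token == "includesubdomains":
            subdomains = True
        elif token == "preload":
            preload = True
    return max_age, subdomains, preload

def missing_settings(https_headers, http_status, http_location):
    """Name the reviewed settings whose effect is absent from the responses."""
    # https_headers: (name, value) pairs from an HTTPS response; http_*: same URL over HTTP.
    seen, missing = {}, []
    for name, value in https_headers:
        seen.setdefault(name.lower(), []).append(value)
    max_age, subdomains, preload = parse_hsts(seen.get("strict-transport-security", [""])[0])
    if max_age <= 0:  # max-age=0 tells the browser to drop the policy
        missing.append("SECURE_HSTS_SECONDS")
    if not subdomains:
        missing.append("SECURE_HSTS_INCLUDE_SUBDOMAINS")
    if not preload:
        missing.append("SECURE_HSTS_PRELOAD")
    if seen.get("x-content-type-options", [""])[0].strip().lower() != "nosniff":
        missing.append("SECURE_CONTENT_TYPE_NOSNIFF")
    if http_status not in (301, 302, 307, 308) or not http_location.lower().startswith("https://"):
        missing.append("SECURE_SSL_REDIRECT")
    # Django's default cookie names; a project can rename them.
    owners = {"sessionid": "SESSION_COOKIE_SECURE", "csrftoken": "CSRF_COOKIE_SECURE"}
    for raw in seen.get("set-cookie", []):
        jar = SimpleCookie()
        jar.load(raw)
        missing += [owners[n] for n, m in jar.items() if n in owners and not m["secure"]]
    return missing

# Constructed sample: the suggested settings, but a session cookie without Secure.
SAMPLE = [
    ("Strict-Transport-Security", "max-age=3600; includeSubDomains; preload"),
    ("X-Content-Type-Options", "nosniff"),
    ("Set-Cookie", "csrftoken=abc; Path=/; SameSite=Lax; Secure"),
    ("Set-Cookie", "sessionid=xyz; HttpOnly; Path=/; SameSite=Lax"),
]
print(missing_settings(SAMPLE, 301, "https://example.test/"))
```

Django's own `manage.py check --deploy` inspects the settings module for the same options; this check looks at what the server actually sends.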
Codecov Report
@@ Coverage Diff @@
## main #369 +/- ##
==========================================
- Coverage 96.32% 96.29% -0.03%
==========================================
Files 6 6
Lines 272 270 -2
==========================================
- Hits 262 260 -2
Misses 10 10
Continue to review full report at Codecov.
Co-authored-by: django-doctor[bot] <72320148+django-doctor[bot]@users.noreply.github.com>
No description provided.