fix CSRF/CORS

OpenBankProject · Jan 10, 2025 · 8757ce5 · 8757ce5
1 parent a1fe695
commit 8757ce5
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 5 deletions.
diff --git a/apimanager/apimanager/settings.py b/apimanager/apimanager/settings.py
@@ -44,7 +44,6 @@
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
-    #'corsheaders',
     'bootstrap',
     'bootstrap_datepicker_plus',
     'mathfilters',
@@ -87,7 +86,6 @@
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
     # 'django.middleware.cache.FetchFromCacheMiddleware',
-    #'corsheaders.middleware.CorsMiddleware'
 ]
 
 #cache the view page, we set 60s = 1m,
@@ -284,7 +282,7 @@
 CSRF_COOKIE_HTTPONLY = True
 CSRF_COOKIE_SECURE = True
 
-#SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 
 # Paths on API_HOST to OAuth
 OAUTH_TOKEN_PATH = '/oauth/initiate'

diff --git a/requirements.txt b/requirements.txt
@@ -10,5 +10,4 @@ matplotlib
 django-bootstrap-datepicker-plus
 django-mathfilters
 django-bootstrap
-django-csp
-#django-cors-headers
+django-csp