Fixed #14261 - Added clickjacking protection (X-Frame-Options header)

Many thanks to rniemeyer for the patch! git-svn-id: http://code.djangoproject.com/svn/django/trunk@16298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
author: Luke Plant <L.Plant.98@cantab.net> 2011-05-30 22:27:47 +0000
committer: Luke Plant <L.Plant.98@cantab.net> 2011-05-30 22:27:47 +0000
commit: 524c5fa07a38cc68a81a12428befdafcfde1afc3 (patch)
tree: 88a59e2870cf181d1165414feb55b6d96e8ff414 /django/conf/project_template/settings.py
parent: dc4c2f3add4f15edf05574e6e8eb101be9da4b90 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/django/conf/project_template/settings.py b/django/conf/project_template/settings.py
index b74408ace8..e719dec5db 100644
--- a/django/conf/project_template/settings.py
+++ b/django/conf/project_template/settings.py
@@ -98,6 +98,8 @@ MIDDLEWARE_CLASSES = (
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
+    # Uncomment the next line for simple clickjacking protection:
+    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )
 
 ROOT_URLCONF = '{{ project_name }}.urls'
author	Luke Plant <L.Plant.98@cantab.net>	2011-05-30 22:27:47 +0000
committer	Luke Plant <L.Plant.98@cantab.net>	2011-05-30 22:27:47 +0000
commit	524c5fa07a38cc68a81a12428befdafcfde1afc3 (patch)
tree	88a59e2870cf181d1165414feb55b6d96e8ff414 /django/conf/project_template/settings.py
parent	dc4c2f3add4f15edf05574e6e8eb101be9da4b90 (diff)