put the security middleware as the first middleware

I don't think I've ever gotten a solid idea that this is *necessary*,
but I've seen other docs refer to/assume this, so sure?
This commit is contained in:
Brian S. Stephan 2023-02-20 10:30:13 -06:00
parent 7baa70d8f6
commit 68f7c80b7e
1 changed files with 1 additions and 1 deletions

View File

@ -54,13 +54,13 @@ INSTALLED_APPS = (
)
MIDDLEWARE = (
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware',
)
ROOT_URLCONF = 'dr_botzo.urls'