Enable csrf protection

2025-08-04 21:27:49 +02:00 · 2023-10-28 13:56:43 +02:00
parent ec8684dbc0
commit 03fc82c38d
3 changed files with 4 additions and 4 deletions
--- a/ram/ram/settings.py
+++ b/ram/ram/settings.py
@@ -49,7 +49,7 @@ INSTALLED_APPS = [
    "rest_framework",
    "ram",
    "portal",
-    # "driver",
+    # "driver",  # uncomment this to enable the "driver" API
    "metadata",
    "roster",
    "consist",
@@ -60,7 +60,7 @@ MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
-    # 'django.middleware.csrf.CsrfViewMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",