fix(middlware): add middleware to prevent clickjacking

Ref: https://docs.djangoproject.com/en/5.0/ref/clickjacking/ Closes: #47
acdh-oeaw · Aug 13, 2024 · 8e32ac5 · 8e32ac5
1 parent debbd84
commit 8e32ac5
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/apis_acdhch_default_settings/settings.py b/apis_acdhch_default_settings/settings.py
@@ -153,6 +153,7 @@
     "django.middleware.csrf.CsrfViewMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
     "csp.middleware.CSPMiddleware",
     "crum.CurrentRequestUserMiddleware",
 ]