From cb55b57af2c86fca936e73828c4e440db340d176 Mon Sep 17 00:00:00 2001
From: "J.-S. Caux" <J.S.Caux@uva.nl>
Date: Sat, 4 May 2019 10:50:37 +0200
Subject: [PATCH] Set X_FRAME to DENY

---
 SciPost_v1/settings/base.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/SciPost_v1/settings/base.py b/SciPost_v1/settings/base.py
index 85bb2f767..e992f9aa6 100644
--- a/SciPost_v1/settings/base.py
+++ b/SciPost_v1/settings/base.py
@@ -192,6 +192,7 @@ SECURE_HSTS_SECONDS = 60
 SECURE_HSTS_INCLUDE_SUBDOMAINS = True
 SECURE_HSTS_PRELOAD = True
 SECURE_CONTENT_TYPE_NOSNIFF = True
+X_FRAME_OPTIONS = 'DENY'
 
 ROOT_URLCONF = 'SciPost_v1.urls'
 
-- 
GitLab