search

cookiecutter / cookiecutter-django

Cookiecutter Django is a framework for jumpstarting production-ready Django projects quickly.
https://cookiecutter-django.readthedocs.io
BSD 3-Clause "New" or "Revised" License
12.19k stars 2.91k forks source link

SECURE_REFERRER_POLICY setting ignored in production... #4204

Closed masavini closed 1 year ago

masavini commented 1 year ago

What happened?

i need to change the value of SECURE_REFERRER_POLICY from same-origin (the default) to origin. i set SECURE_REFERRER_POLICY = "origin" in config/settings/base.py. local container correctly sends requests with the Referer header set to http://localhost:8000/. production container, instead, keeps sending requests with no Referer.

What should've happened instead?

production container should send requests with the Referer header set to https://my.domain.com/.

Additional details

$  docker run --rm -it cookiecutter --version
Cookiecutter 2.1.1 from /home/user/.local/lib/python3.11/site-packages (Python 3.11.2 (main, Feb 11 2023, 12:04:10) [GCC 12.2.1 20220924])
masavini commented 1 year ago

my bad, i forgot to rebuild the image in production!!