Skip to content

Commit 4dacbd5

Browse files
author
Ben Dickinson
authored
Merge pull request #186 from torchbox/document-x-frame-options
Document setting X-Frame-Options for template errors
2 parents e147e1a + 64a288c commit 4dacbd5

File tree

2 files changed

+14
-4
lines changed

2 files changed

+14
-4
lines changed

CHANGELOG.md

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,16 +6,17 @@
66

77
- Support for Django 4.0 ([#164](https://github.com/torchbox/django-pattern-library/pull/164)).
88
- Support for Python 3.10 ([#163](https://github.com/torchbox/django-pattern-library/pull/163)).
9-
- VS Code devcontainer for development [#178](https://github.com/torchbox/django-pattern-library/pull/178)
9+
- VS Code devcontainer for development ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
10+
- Documented the need to set `X_FRAME_OPTIONS = "SAMEORIGIN"` to see Django debug responses in the iframe UI ([#186](https://github.com/torchbox/django-pattern-library/pull/186)).
1011

1112
### Changed
1213

13-
- Change Poetry version to be `>=1.1.12,<2` in Docker development setup (prevents `JSONDecodeError` issue under Python 3.10) [#178](https://github.com/torchbox/django-pattern-library/pull/178)
14-
- Move demo/test app pattern-library from `/pattern-library/` to `/` [#178](https://github.com/torchbox/django-pattern-library/pull/178)
14+
- Change Poetry version to be `>=1.1.12,<2` in Docker development setup (prevents `JSONDecodeError` issue under Python 3.10) ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
15+
- Move demo/test app pattern-library from `/pattern-library/` to `/` ([#178](https://github.com/torchbox/django-pattern-library/pull/178)).
1516

1617
### Removed
1718

18-
- We no longer support Python 3.6, as it has reached its end of life ([#163](https://github.com/torchbox/django-pattern-library/pull/163).
19+
- We no longer support Python 3.6, as it has reached its end of life ([#163](https://github.com/torchbox/django-pattern-library/pull/163)).
1920

2021
## [0.6.0](https://github.com/torchbox/django-pattern-library/releases/tag/v0.6.0) - 2021-12-21
2122

docs/getting-started.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,15 @@ TEMPLATES = [
5858
]
5959
```
6060

61+
To see the detailed error pages generated by Django when you have `DEBUG = True` in the pattern library, you'll need to make sure you have `X_FRAME_OPTIONS` set, or your browser will block the response:
62+
63+
```python
64+
if DEBUG:
65+
X_FRAME_OPTIONS = "SAMEORIGIN"
66+
```
67+
68+
Be careful only to change this when `DEBUG = True` unless you know what you're doing, you risk making your app less secure otherwise!
69+
6170
### Pattern library settings
6271

6372
Still in Django settings, set the [`PATTERN_LIBRARY`](./reference/api.md#pattern_library) setting. Here is an example showing the defaults:

0 commit comments

Comments
 (0)