superset-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From michel...@apache.org
Subject [incubator-superset] 12/13: Disabling flask-talisman by default (#7535)
Date Sat, 01 Jun 2019 01:28:26 GMT
This is an automated email from the ASF dual-hosted git repository.

michellet pushed a commit to branch release--0.33
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git

commit fb0bf03c029af153ded455afefdf45e05d204b6c
Author: Maxime Beauchemin <maximebeauchemin@gmail.com>
AuthorDate: Mon May 20 16:58:36 2019 -0700

    Disabling flask-talisman by default (#7535)
    
    flask-talisman was enabled recently and while it may be virtuous in some
    cases, it seems to break things out of the box.
    
    Locally and in dev mode, upon my first redirect it sends to HTTPS and
    things it crashes.
    
    I think it should be opt-in, maybe we can recommend turning this on in
    production in the docs?
    
    (cherry picked from commit 1fdc96a3817e802209b0ffe580ff6f12c7335551)
---
 superset/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/superset/config.py b/superset/config.py
index 8d11f0b..10c9bcb 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -601,7 +601,7 @@ IS_EPOCH_S_TRULY_UTC = False
 
 
 # Do you want Talisman enabled?
-TALISMAN_ENABLED = True
+TALISMAN_ENABLED = False
 # If you want Talisman, how do you want it configured??
 TALISMAN_CONFIG = {
     'content_security_policy': None,


Mime
View raw message