From c38d1c37a1d5e0a1c04689e34966c46be9fe1a9f Mon Sep 17 00:00:00 2001
From: Paul Eggleton
Date: Tue, 15 Jan 2019 11:05:32 +1300
Subject: [PATCH] docker: enable SECURE_BROWSER_XSS_FILTER

This is a rudimentary extra protection against XSS, we might as well enable it.

Signed-off-by: Paul Eggleton
---
 docker/settings.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker/settings.py b/docker/settings.py
index 7ead298..cef3aa1 100644
--- a/docker/settings.py
+++ b/docker/settings.py
@@ -290,3 +290,5 @@ TOOLS_LOG_DIR = ""
 USE_X_FORWARDED_HOST = True
 ALLOWED_HOSTS = [os.getenv('HOSTNAME', 'layers.test')]
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+SECURE_BROWSER_XSS_FILTER = True
+
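Review bot: The added `SECURE_BROWSER_XSS_FILTER = True` at the end of docker/settings.py takes effect only if `django.middleware.security.SecurityMiddleware` is in the middleware list, which is not visible in this hunk, so that is worth confirming before relying on it. The setting only makes Django send `X-XSS-Protection: 1; mode=block`, a legacy browser heuristic that current browsers largely ignore, so it should not be read as XSS coverage; template auto-escaping and a Content-Security-Policy remain the real controls. I would say so in a comment above the line, e.g. `# Legacy X-XSS-Protection header via SecurityMiddleware; defence in depth only, not a substitute for escaping/CSP`, and consider setting `SECURE_CONTENT_TYPE_NOSNIFF = True` alongside it. The second added line is a blank line at end of file and can be dropped.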