You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by ma...@apache.org on 2019/05/20 23:58:55 UTC

[incubator-superset] branch master updated: Disabling flask-talisman by default (#7535)

This is an automated email from the ASF dual-hosted git repository.

maximebeauchemin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git


The following commit(s) were added to refs/heads/master by this push:
     new 1fdc96a  Disabling flask-talisman by default (#7535)
1fdc96a is described below

commit 1fdc96a3817e802209b0ffe580ff6f12c7335551
Author: Maxime Beauchemin <ma...@gmail.com>
AuthorDate: Mon May 20 16:58:36 2019 -0700

    Disabling flask-talisman by default (#7535)
    
    flask-talisman was enabled recently and while it may be virtuous in some
    cases, it seems to break things out of the box.
    
    Locally and in dev mode, upon my first redirect it sends to HTTPS and
    things it crashes.
    
    I think it should be opt-in, maybe we can recommend turning this on in
    production in the docs?
---
 superset/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/superset/config.py b/superset/config.py
index 4949bf9..5f9bd8a 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -613,7 +613,7 @@ SQL_VALIDATORS_BY_ENGINE = {
 }
 
 # Do you want Talisman enabled?
-TALISMAN_ENABLED = True
+TALISMAN_ENABLED = False
 # If you want Talisman, how do you want it configured??
 TALISMAN_CONFIG = {
     'content_security_policy': None,