You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by mi...@apache.org on 2019/06/01 01:28:26 UTC
[incubator-superset] 12/13: Disabling flask-talisman by default
(#7535)
This is an automated email from the ASF dual-hosted git repository.
michellet pushed a commit to branch release--0.33
in repository https://gitbox.apache.org/repos/asf/incubator-superset.git
commit fb0bf03c029af153ded455afefdf45e05d204b6c
Author: Maxime Beauchemin <ma...@gmail.com>
AuthorDate: Mon May 20 16:58:36 2019 -0700
Disabling flask-talisman by default (#7535)
flask-talisman was enabled recently and while it may be virtuous in some
cases, it seems to break things out of the box.
Locally and in dev mode, upon my first redirect it sends to HTTPS and
things it crashes.
I think it should be opt-in, maybe we can recommend turning this on in
production in the docs?
(cherry picked from commit 1fdc96a3817e802209b0ffe580ff6f12c7335551)
---
superset/config.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/superset/config.py b/superset/config.py
index 8d11f0b..10c9bcb 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -601,7 +601,7 @@ IS_EPOCH_S_TRULY_UTC = False
# Do you want Talisman enabled?
-TALISMAN_ENABLED = True
+TALISMAN_ENABLED = False
# If you want Talisman, how do you want it configured??
TALISMAN_CONFIG = {
'content_security_policy': None,