From 4daccfdd390112b20344249a43119aed9607e467 Mon Sep 17 00:00:00 2001 From: Tomas Kubla Date: Mon, 22 Jan 2024 15:56:07 +0100 Subject: [PATCH 1/2] Override default Django APPEND_SLASH --- dojo/settings/settings.dist.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index c39e3c44c04..b89371af237 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -40,6 +40,7 @@ DD_SECURE_CONTENT_TYPE_NOSNIFF=(bool, True), DD_CSRF_COOKIE_SAMESITE=(str, 'Lax'), DD_SESSION_COOKIE_SAMESITE=(str, 'Lax'), + DD_APPEND_SLASH=(bool, False), DD_TIME_ZONE=(str, 'UTC'), DD_LANG=(str, 'en-us'), DD_TEAM_NAME=(str, 'Security Team'), @@ -670,6 +671,9 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param SESSION_COOKIE_SECURE = env('DD_SESSION_COOKIE_SECURE') SESSION_COOKIE_SAMESITE = env('DD_SESSION_COOKIE_SAMESITE') +# Override default Django behavior for incorrect URLs +APPEND_SLASH = env('DD_APPEND_SLASH') + # Whether to use a secure cookie for the CSRF cookie. CSRF_COOKIE_SECURE = env('DD_CSRF_COOKIE_SECURE') CSRF_COOKIE_SAMESITE = env('DD_CSRF_COOKIE_SAMESITE') From 7b9db7e00f3c472a032aef81a47be5e74a807627 Mon Sep 17 00:00:00 2001 From: kiblik Date: Tue, 30 Jan 2024 22:28:19 +0000 Subject: [PATCH 2/2] Update dojo/settings/settings.dist.py --- dojo/settings/settings.dist.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index b89371af237..9eff4ed780d 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -40,7 +40,7 @@ DD_SECURE_CONTENT_TYPE_NOSNIFF=(bool, True), DD_CSRF_COOKIE_SAMESITE=(str, 'Lax'), DD_SESSION_COOKIE_SAMESITE=(str, 'Lax'), - DD_APPEND_SLASH=(bool, False), + DD_APPEND_SLASH=(bool, True), DD_TIME_ZONE=(str, 'UTC'), DD_LANG=(str, 'en-us'), DD_TEAM_NAME=(str, 'Security Team'),