From fd3ce872511391fcead8e5ef8fa1cdfeee21a124 Mon Sep 17 00:00:00 2001
From: Matthew Dillon <matthewrdillon@gmail.com>
Date: Fri, 29 Jan 2016 09:28:13 -0700
Subject: [PATCH] Fix missing production security middleware

---
 config/settings/production.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/config/settings/production.py b/config/settings/production.py
index 632c9d6..15f90b0 100644
--- a/config/settings/production.py
+++ b/config/settings/production.py
@@ -23,6 +23,13 @@ SECRET_KEY = env("DJANGO_SECRET_KEY")
 # properly on Heroku.
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 
+# django-secure
+# ------------------------------------------------------------------------------
+INSTALLED_APPS += ("djangosecure", )
+
+SECURITY_MIDDLEWARE = (
+    'djangosecure.middleware.SecurityMiddleware',
+)
 
 # Make sure djangosecure.middleware.SecurityMiddleware is listed first
 MIDDLEWARE_CLASSES = SECURITY_MIDDLEWARE + MIDDLEWARE_CLASSES