Bugfixes

counter/templates/login.html

                     {% csrf_token %}
                     <div class="form-group">
                         <label for="id_username">Trigramme</label>
-                        <input id="id_username" maxlength="3" type="text" class="text-uppercase form-control" name="username" onkeyup="javascript:this.value=this.value.toUpperCase();" required />
+                        <input id="id_username" type="text" class="form-control" name="username" required />
                     </div>
                     <div class="form-group">
                         <label for="id_username">Mot de passe</label>

seum/settings.py.default

 EMAIL_USE_TLS = False
 DEFAULT_FROM_EMAIL = 'SeumMan <seum@merigoux.ovh>'
 
+
+#Production settings
+SECURE_CONTENT_TYPE_NOSNIFF = True
+SECURE_BROWSER_XSS_FILTER = True
+SECURE_SSL_REDIRECT = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+CSRF_COOKIE_HTTPONLY = True
+X_FRAME_OPTIONS = 'DENY'
+
+
 #login
 LOGIN_URL = reverse_lazy('login')
 LOGIN_REDIRECT_URL = reverse_lazy('home')