Skip to content

GitLab

Commit 6efe0ae3 authored by Laury Bueno's avatar Laury Bueno
Browse files

[Prod] CSRF cookie is no longer marked as HTTP only

parent a4ce753e
Hide whitespace changes
Inline Side-by-side
Showing with 1 addition and 1 deletion
config/settings/production.py
View file @ 6efe0ae3
......@@ -50,7 +50,7 @@ SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SECURE_SSL_REDIRECT = env.bool('DJANGO_SECURE_SSL_REDIRECT', default=True)
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True
CSRF_COOKIE_HTTPONLY = False
X_FRAME_OPTIONS = 'DENY'
# SITE CONFIGURATION
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment