From 166441b3e3ab2cf1fd9ad2f24321db7f85cf7e77 Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Fri, 5 Jan 2024 15:59:23 +0000
Subject: [PATCH] Set CSRF cookie as httpOnly

---
 website/settings.py | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/website/settings.py b/website/settings.py
index 34e8dea..5b944ea 100644
--- a/website/settings.py
+++ b/website/settings.py
@@ -398,9 +398,6 @@ SESSION_COOKIE_AGE = 2419200  # About a month
 CSRF_COOKIE_SECURE = not DEBUG
 SESSION_COOKIE_HTTPONLY = True
 
-# https://github.com/wagtail/wagtail-autocomplete/issues/149
-CSRF_COOKIE_HTTPONLY = False
-
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
 PERMISSIONS_POLICY: dict[str, list] = {