Set CSRF cookie as httpOnly
This commit is contained in:
parent
307cd7fe26
commit
166441b3e3
1 changed files with 0 additions and 3 deletions
|
@ -398,9 +398,6 @@ SESSION_COOKIE_AGE = 2419200 # About a month
|
||||||
CSRF_COOKIE_SECURE = not DEBUG
|
CSRF_COOKIE_SECURE = not DEBUG
|
||||||
SESSION_COOKIE_HTTPONLY = True
|
SESSION_COOKIE_HTTPONLY = True
|
||||||
|
|
||||||
# https://github.com/wagtail/wagtail-autocomplete/issues/149
|
|
||||||
CSRF_COOKIE_HTTPONLY = False
|
|
||||||
|
|
||||||
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
||||||
|
|
||||||
PERMISSIONS_POLICY: dict[str, list] = {
|
PERMISSIONS_POLICY: dict[str, list] = {
|
||||||
|
|
Loading…
Reference in a new issue