Store cookies securely
parent
fb739f93fc
commit
a4471a49ee
1 changed files with 5 additions and 0 deletions
|
@ -277,6 +277,11 @@ SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||||
X_FRAME_OPTIONS = "DENY"
|
X_FRAME_OPTIONS = "DENY"
|
||||||
SECURE_REFERRER_POLICY = "same-origin"
|
SECURE_REFERRER_POLICY = "same-origin"
|
||||||
|
|
||||||
|
SESSION_COOKIE_SECURE = not DEBUG
|
||||||
|
CSRF_COOKIE_SECURE = not DEBUG
|
||||||
|
CSRF_COOKIE_HTTPONLY = True
|
||||||
|
SESSION_COOKIE_HTTPONLY = True
|
||||||
|
|
||||||
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
|
||||||
|
|
||||||
if not DEBUG:
|
if not DEBUG:
|
||||||
|
|
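Review bot: `CSRF_COOKIE_HTTPONLY = True` buys little and can break clients. Django's documentation notes that an HttpOnly CSRF cookie offers no practical protection, because script already running on the origin can obtain the token from the page anyway, while any front-end code that reads the `csrftoken` cookie for AJAX requests must switch to taking the token from the rendered form. If the project has such code (not visible here), drop the line; otherwise keep it with a comment such as `# JS must read the CSRF token from the DOM, not the cookie`. Both `*_COOKIE_SECURE` lines depend on `DEBUG`, which is defined outside the hunk, so a comment like `# Secure flag is off only for local plain-HTTP development` would make explicit that a deployment left with DEBUG on also sends session cookies over plain HTTP. `SESSION_COOKIE_HTTPONLY = True` matches Django's default, so it documents intent rather than changing behaviour.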