Store cookies securely

Jake Howard 2022-08-25 23:16:20 +01:00
parent fb739f93fc
commit a4471a49ee
Signed by: jake
GPG key ID: 57AFB45680EDD477


@ -277,6 +277,11 @@ SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = "DENY" X_FRAME_OPTIONS = "DENY"
SECURE_REFERRER_POLICY = "same-origin" SECURE_REFERRER_POLICY = "same-origin"
SESSION_COOKIE_SECURE = not DEBUG
CSRF_COOKIE_SECURE = not DEBUG
CSRF_COOKIE_HTTPONLY = True
SESSION_COOKIE_HTTPONLY = True
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
if not DEBUG: if not DEBUG:
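Review bot: The Secure flag on both cookies is tied to `not DEBUG` (`SESSION_COOKIE_SECURE`, `CSRF_COOKIE_SECURE`), so an instance started with DEBUG enabled, even by mistake, hands out session and CSRF cookies that browsers will also send over plain HTTP, with nothing to flag it. Document the coupling above those two lines, e.g. `# Secure flag is dropped only for local HTTP development; DEBUG must never be on behind the TLS proxy.`, or drive it from a dedicated setting that defaults to secure. `CSRF_COOKIE_HTTPONLY = True` also deserves a comment: Django's documentation notes that it adds little practical protection, and any JavaScript that reads the CSRF cookie for AJAX requests has to take the token from the DOM instead. `SESSION_COOKIE_HTTPONLY = True` restates Django's default, which is fine as explicit hardening. The `if not DEBUG:` block that follows continues outside the hunk, so related settings may already live there.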