steve
/
mybuddy
mirror of https://github.com/snachodog/mybuddy.git
1
0
Fork 0
Code Issues 3 Packages Projects 1 Releases Wiki Activity

Disable secure cookies 

This feature breaks login on non-HTTPs connections. Additional work needed.
This commit is contained in:
Christopher C. Wells 2021-09-16 20:44:05 -07:00
parent a844aa7613
commit 3f57b196b4
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
babybuddy/settings/base.py
View File

@ -241,11 +241,11 @@ if os.environ.get('SECURE_PROXY_SSL_HEADER'):
# https://docs.djangoproject.com/en/3.2/topics/http/sessions/#settings # https://docs.djangoproject.com/en/3.2/topics/http/sessions/#settings
SESSION_COOKIE_HTTPONLY = True SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_SECURE = True # SESSION_COOKIE_SECURE = True
# https://docs.djangoproject.com/en/3.2/ref/csrf/#settings # https://docs.djangoproject.com/en/3.2/ref/csrf/#settings
CSRF_COOKIE_HTTPONLY = True CSRF_COOKIE_HTTPONLY = True
CSRF_COOKIE_SECURE = True # CSRF_COOKIE_SECURE = True
# https://docs.djangoproject.com/en/3.2/topics/auth/passwords/ # https://docs.djangoproject.com/en/3.2/topics/auth/passwords/
AUTH_PASSWORD_VALIDATORS = [ AUTH_PASSWORD_VALIDATORS = [