Move cookie secure attributes to example production settings

This commit is contained in:
Christopher C. Wells 2021-07-31 05:50:56 -07:00 committed by Christopher Charbonneau Wells
parent d9f6c44f59
commit 4673c2b8bd
2 changed files with 10 additions and 9 deletions

View File

@ -269,13 +269,6 @@ AXES_FAILURE_LIMIT = 5
ROLLING_SESSION_REFRESH = 86400
# Security
# See https://docs.djangoproject.com/en/3.2/topics/http/sessions/#settings
# See https://docs.djangoproject.com/en/3.2/ref/csrf/#settings
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
# Set default auto field for models.
# See https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys

View File

@ -7,7 +7,6 @@ SECRET_KEY = ''
ALLOWED_HOSTS = ['']
# Database
# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
@ -18,8 +17,17 @@ DATABASES = {
}
}
# Media files
# https://docs.djangoproject.com/en/3.0/topics/files/
MEDIA_ROOT = os.path.join(BASE_DIR, '../data/media')
# Security
# After setting up SSL, uncomment the settings below for enhanced security of
# application cookies.
#
# See https://docs.djangoproject.com/en/3.2/topics/http/sessions/#settings
# See https://docs.djangoproject.com/en/3.2/ref/csrf/#settings
# SESSION_COOKIE_SECURE = True
# CSRF_COOKIE_SECURE = True