mirror of
https://expo.survex.com/repositories/troggle/.git
synced 2024-11-25 08:41:51 +00:00
Disable "secure" (i.e. SSL trabsport only) cookies
This commit is contained in:
parent
a99020078c
commit
0ecaa9b8ee
@ -109,8 +109,8 @@ SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2"
|
||||
LOGIN_REDIRECT_URL = '/'
|
||||
SECURE_CONTENT_TYPE_NOSNIFF = True
|
||||
SECURE_BROWSER_XSS_FILTER = True
|
||||
#SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere?
|
||||
CSRF_COOKIE_SECURE = True
|
||||
# SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere?
|
||||
# CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL
|
||||
X_FRAME_OPTIONS = 'SAMEORIGIN' # change to "DENY" after we eliminate all the iframes e.g. /xmlvalid.html
|
||||
|
||||
INSTALLED_APPS = (
|
||||
|
Loading…
Reference in New Issue
Block a user