Fred
/
gwift_old
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add security option in production

This commit is contained in:
jaguarondi 2016-04-30 08:57:09 +02:00
parent 3741436368
commit d069380e80
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
gwift/gwift/settings/production.py
View File

@ -19,4 +19,11 @@ AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
]
# Be sure to force https for csrf cookie
CSRF_COOKIE_SECURE = True
# Same for session cookie
SESSION_COOKIE_SECURE = True