Skip to content

Commit

Permalink
Set session/CSRF cookies with secure flag.
Browse files Browse the repository at this point in the history 
Part of #32.
  • Loading branch information
@lukegb
lukegb committed Jul 29, 2017
1 parent 3d852ad commit 981ef5b
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions spongeauth/spongeauth/settings/prod.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,11 @@
DEFAULT_FROM_EMAIL = '[email protected]'
SERVER_EMAIL = '[email protected]'

SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True

EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_USE_TLS = True
EMAIL_USE_SSL = False
Expand Down

0 comments on commit 981ef5b

Please sign in to comment.