• Vladimir Mencl's avatar
    Use secure session cookies · e4868581
    Vladimir Mencl authored
    Django would be default use insecure cookies - that would be sent by the
    browser also over plain http.  And administrative work requiring authenticated
    sessions should be done over https - and therefore, the cookie should be marked
    as secure.
    
    This can be achived by setting:
    
        settings.SESSION_COOKIE_SECURE = True
    
    As this is an essential security setting that shouldn't need additional tweaks,
    adding the setting to settings.py (and not local_settings.py).
    e4868581
Name
Last commit
Last update
accounts Loading commit data...
djangobackends Loading commit data...
djnro Loading commit data...
docs Loading commit data...
edumanage Loading commit data...
extras Loading commit data...
front Loading commit data...
initial_data Loading commit data...
locale Loading commit data...
static Loading commit data...
utils Loading commit data...
.gitignore Loading commit data...
COPYING Loading commit data...
Changelog Loading commit data...
Makefile Loading commit data...
README.md Loading commit data...
__init__.py Loading commit data...
_version.py Loading commit data...
manage.py Loading commit data...
mkdocs.yml Loading commit data...
requirements.txt Loading commit data...
upgrade-from-0.8-notes.txt Loading commit data...