properly enforce CSRF validation

see: https://github.com/ansible/tower/issues/2339
Ryan Petrello
2018-06-27 15:50:07 -04:00
parent 39bc64d089
commit 504dfd32ee
5 changed files with 17 additions and 21 deletions


@@ -207,6 +207,8 @@ SESSION_COOKIE_AGE = 1209600
# Note: This setting may be overridden by database settings.
SESSIONS_PER_USER = -1
CSRF_USE_SESSIONS = False
# Disallow sending csrf cookies over insecure connections
CSRF_COOKIE_SECURE = True