Fixing cookie settings for CSRF and auth token

Wayne Witzel III
2017-07-25 10:11:11 -04:00
parent 0cf376ca6f
commit f6d59409de
2 changed files with 4 additions and 1 deletions


@@ -189,6 +189,9 @@ JOB_EVENT_MAX_QUEUE_SIZE = 10000
# Disallow sending session cookies over insecure connections
SESSION_COOKIE_SECURE = True
# Do not allow non-browser clients to read the CSRF cookie.
CSRF_COOKIE_HTTPONLY = True
# Disallow sending csrf cookies over insecure connections
CSRF_COOKIE_SECURE = True