[extensions-web] settings: removed CSRF_COOKIE_HTTPONLY since we using AJAX + csrf cookie

From: Yuri Konotopov <ykonotopov src gnome org>
To: commits-list gnome org
Cc:
Subject: [extensions-web] settings: removed CSRF_COOKIE_HTTPONLY since we using AJAX + csrf cookie
Date: Sat, 5 Nov 2016 08:27:26 +0000 (UTC)

commit 9479567cff282969b8a4041f35f68b58289ea360
Author: Yuri Konotopov <ykonotopov gnome org>
Date:   Sat Nov 5 11:27:07 2016 +0300

    settings: removed CSRF_COOKIE_HTTPONLY since we using AJAX + csrf cookie

 sweettooth/settings.py |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)
---
diff --git a/sweettooth/settings.py b/sweettooth/settings.py
index 4aa779c..d5adde3 100644
--- a/sweettooth/settings.py
+++ b/sweettooth/settings.py
@@ -212,7 +212,6 @@ except ImportError:
 
 # Enable secure settings in case DEBUG is disabled and NO_SECURE_SETTINGS is not set to True
 if not DEBUG and not NO_SECURE_SETTINGS:
-    CSRF_COOKIE_HTTPONLY = True
     CSRF_COOKIE_SECURE = True
     SESSION_COOKIE_SECURE = True
     SECURE_HSTS_SECONDS = 4 * 60 * 60

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]