projects / qcg-portal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f5f4d2a)
set csrf cookie as httponly
authorMaciej Tronowski <mtro@man.poznan.pl>
Tue, 1 Sep 2015 14:02:06 +0000 (16:02 +0200)
committerDawid Jagieła <lightnir@gmail.com>
Sat, 12 Sep 2015 09:18:38 +0000 (11:18 +0200)
plgng/settings_common.py patch | blob | history

diff --git a/plgng/settings_common.py b/plgng/settings_common.py
index 337f557..a2b39fe 100644 (file)
--- a/plgng/settings_common.py
+++ b/plgng/settings_common.py
@@ -111,6 +111,9 @@ SESSION_COOKIE_AGE = 60 * 60 * 24 * 6  # 6 days, length of user proxy from openi
 SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
 
 
+CSRF_COOKIE_HTTPONLY = True
+
+
 # 3-rd party settings
 
 BOOTSTRAP3 = {
QCG-portal for UNRES