Skip to content

Commit

Permalink
Fix README
Browse files Browse the repository at this point in the history
  • Loading branch information
@adamchainz
adamchainz committed May 10, 2022
1 parent b23a594 commit 005d51a
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions README.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -296,6 +296,9 @@ If ``True``, cookies will be allowed to be included in cross-site HTTP requests.
This sets the |Access-Control-Allow-Credentials header|__ in preflight and normal responses.
Defaults to ``False``.

.. |Access-Control-Allow-Credentials header| replace:: ``Access-Control-Allow-Credentials`` header
__ https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials

Note: in Django 2.1 the `SESSION_COOKIE_SAMESITE`_ setting was added, set to ``'Lax'`` by default, which will prevent Django's session cookie being sent cross-domain.
Change the setting to ``None`` if you need to bypass this security restriction.

Expand Down

0 comments on commit 005d51a

Please sign in to comment.