Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Documentation - Small update to SESSION_COOKIE_DOMAIN documentation #927

Merged
merged 1 commit into from

2 participants

@ryanisnan

I'm explaining a slight (but potentially crippling) caveat for updating SESSION_COOKIE_DOMAIN on a production site.

@jacobian jacobian merged commit 20661d2 into from
@ryanisnan

Thanks Jacob! I just noticed a small area I'd like to clean up in the update I made (so sorry... I'm a terrible writer...)

This contributing thing is addictive...

@jacobian
Collaborator

I think the writing's fine, but if you've got a change feel free to open a new PR. Ping me (use @jacobian in a comment) so I see it and I'll take a look. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
Showing with 6 additions and 0 deletions.
  1. +6 −0 docs/ref/settings.txt
View
6 docs/ref/settings.txt
@@ -2287,6 +2287,12 @@ The domain to use for session cookies. Set this to a string such as
``".example.com"`` (note the leading dot!) for cross-domain cookies, or use
``None`` for a standard domain cookie.
+Be cautious when updating this setting on a production site. If you update
+this setting to enable cross-domain cookies on a site that previously used
+standard domain cookies, existing user cookies will be set to the old
+domain. This may result in them being unable to log in as long as these cookies
+persist.
+
.. setting:: SESSION_COOKIE_HTTPONLY
SESSION_COOKIE_HTTPONLY
Something went wrong with that request. Please try again.