Skip to content

Commit

Permalink
Merge pull request #281 from kobotoolbox/kobotoolbox/kpi#2658-stop-sh…
Browse files Browse the repository at this point in the history 
…aring-csrf-cookie

Set domain for session cookie, not CSRF
  • Loading branch information
@noliveleger
noliveleger committed May 6, 2020
2 parents b159e71 + f7856cc commit 531ab74
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion scripts/runtime_variables_kobocat.source.bash
View file
Expand Up @@ -9,7 +9,7 @@ if [[ ! -z "${PUBLIC_DOMAIN_NAME}" ]]; then
export KOBOFORM_INTERNAL_URL="http://${KOBOFORM_PUBLIC_SUBDOMAIN}.${INTERNAL_DOMAIN_NAME}" # Always use HTTP internally.
export KOBOCAT_URL="${PUBLIC_REQUEST_SCHEME}://${KOBOCAT_PUBLIC_SUBDOMAIN}.${PUBLIC_DOMAIN_NAME}${PUBLIC_PORT}"
export ENKETO_URL="${PUBLIC_REQUEST_SCHEME}://${ENKETO_EXPRESS_PUBLIC_SUBDOMAIN}.${PUBLIC_DOMAIN_NAME}${PUBLIC_PORT}"
export CSRF_COOKIE_DOMAIN=".${PUBLIC_DOMAIN_NAME}"
export SESSION_COOKIE_DOMAIN=".${PUBLIC_DOMAIN_NAME}"
export DJANGO_ALLOWED_HOSTS=".${PUBLIC_DOMAIN_NAME} .${INTERNAL_DOMAIN_NAME}"

# DATABASE
Expand Down
2 changes: 1 addition & 1 deletion scripts/runtime_variables_kpi.source.bash
View file
Expand Up @@ -10,7 +10,7 @@ if [[ ! -z "${PUBLIC_DOMAIN_NAME}" ]]; then
export ENKETO_INTERNAL_URL="http://${ENKETO_EXPRESS_PUBLIC_SUBDOMAIN}.${INTERNAL_DOMAIN_NAME}" # Always use HTTP internally.
export KOBOCAT_URL="${PUBLIC_REQUEST_SCHEME}://${KOBOCAT_PUBLIC_SUBDOMAIN}.${PUBLIC_DOMAIN_NAME}${PUBLIC_PORT}"
export KOBOCAT_INTERNAL_URL="http://${KOBOCAT_PUBLIC_SUBDOMAIN}.${INTERNAL_DOMAIN_NAME}" # Always use HTTP internally.
export CSRF_COOKIE_DOMAIN=".${PUBLIC_DOMAIN_NAME}"
export SESSION_COOKIE_DOMAIN=".${PUBLIC_DOMAIN_NAME}"
export DJANGO_ALLOWED_HOSTS=".${PUBLIC_DOMAIN_NAME} .${INTERNAL_DOMAIN_NAME}"

# DATABASE
Expand Down

0 comments on commit 531ab74

Please sign in to comment.