Browse files

Use HTTPS session cookies by default.

Turns on secure session cookies by default. This is balanced by a
commented line in playdoh's local.py-dist that warns developers
that local instances without HTTPS should disable this.
  • Loading branch information...
1 parent 4b98120 commit a380a54d87724cc59c160b756401915d32e228da @Osmose Osmose committed Jun 13, 2012
Showing with 1 addition and 0 deletions.
  1. +1 −0 funfactory/settings_base.py
View
1 funfactory/settings_base.py
@@ -334,6 +334,7 @@ def get_apps(exclude=(), append=(), current={'apps': INSTALLED_APPS}):
#
# By default, be at least somewhat secure with our session cookies.
SESSION_COOKIE_HTTPONLY = True
+SESSION_COOKIE_SECURE = True
## Auth
# The first hasher in this list will be used for new passwords.

0 comments on commit a380a54

Please sign in to comment.