Skip to content
Permalink
Browse files Browse the repository at this point in the history
Set HTTPONLY to CSRF cookies
  • Loading branch information
elnappo committed May 16, 2019
1 parent 1732ace commit 60a3fe5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/nsupdate/settings/base.py
Expand Up @@ -283,7 +283,7 @@
# Settings for CSRF cookie.
CSRF_COOKIE_NAME = 'csrftoken'
CSRF_COOKIE_PATH = '/'
CSRF_COOKIE_HTTPONLY = False
CSRF_COOKIE_HTTPONLY = True

# Settings for session cookie.
SESSION_COOKIE_NAME = 'sessionid'
Expand Down

0 comments on commit 60a3fe5

Please sign in to comment.