Skip to content

Commit

Permalink
add CSRF_COOKIE_SECURE setting in production (#145)
Browse files Browse the repository at this point in the history
  • Loading branch information
@joshuadavidthomas
joshuadavidthomas authored May 2, 2024
1 parent ec4e105 commit e341b78
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Repo now has a `CODEOWNERS` file to automatically assign reviewers to pull requests. (Template already has one.)
- Added a new, separate Dependabot group for `django-email-relay` updates.
- Added Docker to Dependabot updates.
- Added `CSRF_COOKIE_SECURE = not DEBUG` to the Django settings template.

## [2024.19]

Expand Down
2 changes: 2 additions & 0 deletions src/django_twc_project/{{ module_name }}/settings.py.jinja
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,8 @@ ALLOWED_HOSTS = env.list("ALLOWED_HOSTS", default=["*"] if DEBUG else ["localhos

ASGI_APPLICATION = "{{ module_name }}.asgi.application"

CSRF_COOKIE_SECURE = not DEBUG

DATABASES = {
"default": env.dj_db_url(
"DATABASE_URL",
Expand Down

0 comments on commit e341b78

Please sign in to comment.