Browse Source

Nastaveni HTTPS-only session cookies (prod a test)

remotes/origin/Float_novinky
Tomas Gavenciak 9 years ago
parent
commit
3038fada3d
  1. 8
      mamweb/settings_prod.py
  2. 4
      mamweb/settings_test.py

8
mamweb/settings_prod.py

@ -47,12 +47,18 @@ import os
SERVER_EMAIL = 'mamweb-prod-errors@mam.mff.cuni.cz' SERVER_EMAIL = 'mamweb-prod-errors@mam.mff.cuni.cz'
ADMINS = [ ADMINS = [
('Tomas Gavenciak', 'gavento@ucw.cz'),
('Petr Pecha', 'nejlepsitextovyeditorjevim@gmail.com'), ('Petr Pecha', 'nejlepsitextovyeditorjevim@gmail.com'),
('Matěj Kocián', 'matej.kocian@gmail.com'), ('Matěj Kocián', 'matej.kocian@gmail.com'),
] ]
# SECURITY: only send sensitive cookies via HTTPS
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
# LOGGING = { # LOGGING = {
# 'version': 1, # 'version': 1,
# 'disable_existing_loggers': True, # 'disable_existing_loggers': True,

4
mamweb/settings_test.py

@ -53,6 +53,10 @@ ADMINS = [
] ]
# SECURITY: only send sensitive cookies via HTTPS
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True

Loading…
Cancel
Save