settings: set samesite flag on cookies when possible (#71880)
This commit is contained in:
parent
d8d29e2daa
commit
4b3bcd0149
|
@ -19,6 +19,7 @@ import logging.config
|
|||
import os
|
||||
|
||||
# Load default from Django
|
||||
import django
|
||||
from django.conf import global_settings
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
|
@ -59,6 +60,13 @@ DATABASES = {
|
|||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
LANGUAGE_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SAMESITE = 'Lax'
|
||||
if django.VERSION < (3, 1):
|
||||
SESSION_COOKIE_SAMESITE = 'Lax'
|
||||
LANGUAGE_COOKIE_SAMESITE = 'Lax'
|
||||
else:
|
||||
SESSION_COOKIE_SAMESITE = 'None'
|
||||
LANGUAGE_COOKIE_SAMESITE = 'None'
|
||||
|
||||
# Hey Entr'ouvert is in France !!
|
||||
TIME_ZONE = 'Europe/Paris'
|
||||
|
|
Loading…
Reference in New Issue