Merge pull request #37 from Lyla-Fischer/session_cookie

removed requirement for security from session cookie
This commit is contained in:
Daniel Greenfeld 2013-10-28 13:14:30 -07:00
commit 66e48fec78
2 changed files with 2 additions and 2 deletions

View File

@ -30,7 +30,7 @@ DJANGO_SECURE_CONTENT_TYPE_NOSNIFF SECURE_CONTENT_TYPE_NOSNIFF n/a
DJANGO_SECURE_FRAME_DENY SECURE_FRAME_DENY n/a True DJANGO_SECURE_FRAME_DENY SECURE_FRAME_DENY n/a True
DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS HSTS_INCLUDE_SUBDOMAINS n/a True DJANGO_SECURE_HSTS_INCLUDE_SUBDOMAINS HSTS_INCLUDE_SUBDOMAINS n/a True
DJANGO_SESSION_COOKIE_HTTPONLY SESSION_COOKIE_HTTPONLY n/a True DJANGO_SESSION_COOKIE_HTTPONLY SESSION_COOKIE_HTTPONLY n/a True
DJANGO_SESSION_COOKIE_SECURE SESSION_COOKIE_SECURE n/a True DJANGO_SESSION_COOKIE_SECURE SESSION_COOKIE_SECURE n/a False
======================================= =========================== =========================================== =========================================== ======================================= =========================== =========================================== ===========================================
* TODO: Add vendor-added settings in another table * TODO: Add vendor-added settings in another table

View File

@ -318,7 +318,7 @@ class Production(Common):
SECURE_FRAME_DENY = values.BooleanValue(True) SECURE_FRAME_DENY = values.BooleanValue(True)
SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True) SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True)
SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True) SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True)
SESSION_COOKIE_SECURE = values.BooleanValue(True) SESSION_COOKIE_SECURE = values.BooleanValue(False)
SESSION_COOKIE_HTTPONLY = values.BooleanValue(True) SESSION_COOKIE_HTTPONLY = values.BooleanValue(True)
SECURE_SSL_REDIRECT = values.BooleanValue(True) SECURE_SSL_REDIRECT = values.BooleanValue(True)
########## end django-secure ########## end django-secure