From e5dac53f92c10294f9df4c936d71d90284f5eb87 Mon Sep 17 00:00:00 2001
From: Lyla Fischer <lyla@edx.org>
Date: Mon, 28 Oct 2013 14:02:56 -0400
Subject: [PATCH] Removed the requirement for SSL

As heroku does not currently offer a free SSL add-on, initial
development should assume that SSL is NOT there.
---
 .../{{cookiecutter.repo_name}}/config/settings.py               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/settings.py b/{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/settings.py
index 8026428b5..0ddcf30d3 100644
--- a/{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/settings.py
+++ b/{{cookiecutter.repo_name}}/{{cookiecutter.repo_name}}/config/settings.py
@@ -343,7 +343,7 @@ class Production(Common):
     SECURE_FRAME_DENY = values.BooleanValue(True)
     SECURE_CONTENT_TYPE_NOSNIFF = values.BooleanValue(True)
     SECURE_BROWSER_XSS_FILTER = values.BooleanValue(True)
-    SESSION_COOKIE_SECURE = values.BooleanValue(True)
+    SESSION_COOKIE_SECURE = values.BooleanValue(False)
     SESSION_COOKIE_HTTPONLY = values.BooleanValue(True)
     SECURE_SSL_REDIRECT = values.BooleanValue(True)
     ########## end django-secure