Skip to content

Commit

Permalink
added settings for CORS_ALLOW_CREDENTIALS and SESSION_COOKIE_SAMESITE
Browse files Browse the repository at this point in the history
  • Loading branch information
@seanshahkarami
seanshahkarami committed Feb 7, 2024
1 parent 65f875c commit bd87f9f
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion config/settings/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,12 +177,17 @@

# Security settings
ALLOWED_HOSTS = env("ALLOWED_HOSTS", list, [])

CSRF_COOKIE_SECURE = env("CSRF_COOKIE_SECURE", bool, True)
CSRF_TRUSTED_ORIGINS = env("CSRF_TRUSTED_ORIGINS", list, [])

CORS_ALLOWED_ORIGINS = env("CORS_ALLOWED_ORIGINS", list, [])
CORS_ALLOWED_ORIGIN_REGEXES = env("CORS_ALLOWED_ORIGIN_REGEXES", list, [])
CORS_ALLOW_ALL_ORIGINS = env("CORS_ALLOW_ALL_ORIGINS", bool, False)
CORS_ALLOW_CREDENTIALS = env("CORS_ALLOW_CREDENTIALS", bool, False)

SESSION_COOKIE_SECURE = env("SESSION_COOKIE_SECURE", bool, True)
CSRF_COOKIE_SECURE = env("CSRF_COOKIE_SECURE", bool, True)
SESSION_COOKIE_SAMESITE = env("SESSION_COOKIE_SAMESITE", str, "Lax")

S3_ENDPOINT = env("S3_ENDPOINT", str, "")
S3_ACCESS_KEY = env("S3_ACCESS_KEY", str, "")
Expand Down

0 comments on commit bd87f9f

Please sign in to comment.