how to find known issues with httponly and secure flag settings in horizon cookies

asked 2015-02-24 17:38:41 -0600

anonymous user

Anonymous

I've checked launchpad to see if there were any bugs already mentioned with httponly and secure flags set in horizon. There does not seem to be a bug opened currently. Most of the time the cookies that come back do have the flags. But it looks like for some pages the flags are not set

Have already set in local_settings.py CSRF_COOKIE_SECURE = True SESSION_COOKIE_SECURE = True CSRF_COOKIE_HTTPONLY = True and in settings.py SESSION_COOKIE_HTTPONLY

edit retag flag offensive close merge delete