Quellcode durchsuchen

fix: cookie same site and secure

master
xuxiaofei vor 4 Jahren
Ursprung
Commit
b9738d36d8
  1. 2
      py_vislib/settings/base.py
  2. 4
      vislib/middleware.py

2
py_vislib/settings/base.py

@ -29,7 +29,7 @@ ALLOWED_HOSTS = ['*']
# 跨域
# CORS_ORIGIN_ALLOW_ALL = True
# SESSION_COOKIE_SAMESITE = None
# SESSION_COOKIE_SAMESITE = 'strict'
# SESSION_COOKIE_SECURE = True
# Application definition

4
vislib/middleware.py

@ -4,7 +4,7 @@ from django.utils.deprecation import MiddlewareMixin
class SameSiteMiddleware(MiddlewareMixin):
def process_response(self, request, response):
if 'sessionid' in response.cookies:
response.cookies['sessionid']['samesite'] = 'None'
response.cookies['sessionid']['samesite'] = 'Strict'
if 'csrftoken' in response.cookies:
response.cookies['csrftoken']['samesite'] = 'None'
response.cookies['csrftoken']['samesite'] = 'Strict'
return response

Laden…
Abbrechen
Speichern