Fixed #2523 -- Added SESSION_COOKIE_SECURE setting. Thanks, mir@noris.de

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3570 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2025-10-26 15:16:09 +00:00 · 2006-08-12 06:02:28 +00:00
parent 20070d9117
commit 45be33a632
4 changed files with 26 additions and 1 deletions
--- a/django/conf/global_settings.py
+++ b/django/conf/global_settings.py
@@ -252,6 +252,7 @@ MIDDLEWARE_CLASSES = (
 SESSION_COOKIE_NAME = 'sessionid'         # Cookie name. This can be whatever you want.
 SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks).
 SESSION_COOKIE_DOMAIN = None              # A string like ".lawrence.com", or None for standard domain cookie.
+SESSION_COOKIE_SECURE = False             # Whether the session cookie should be secure (https:// only).
 SESSION_SAVE_EVERY_REQUEST = False        # Whether to save the session data on every request.
 SESSION_EXPIRE_AT_BROWSER_CLOSE = False   # Whether sessions expire when a user closes his browser.