发表新帖

发表新帖

Django CSRF cookie HttpOnly

后端未结

关注

 3  1893

忘掉有多难 2021-02-19 10:32

Is it possible to set the django csrf cookie to be http-only? Alike to SESSION_COOKIE_HTTPONLY with session cookie, but for the csrf one?

3条回答

悲&欢浪女 (楼主)

2021-02-19 10:57

A new setting, CSRF_COOKIE_HTTPONLY, is available in Django 1.6+.

0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...

热议问题