explicitly set the domain for the csrf cookie to match the session domain.

2013-01-26 21:10:14 -05:00
parent a725fa1f17
commit 956ccb06e9
1 changed files with 1 additions and 0 deletions
--- a/lms/envs/aws.py
+++ b/lms/envs/aws.py
@@ -37,6 +37,7 @@ with open(ENV_ROOT / "env.json") as env_file:

 SITE_NAME = ENV_TOKENS['SITE_NAME']
 SESSION_COOKIE_DOMAIN = ENV_TOKENS.get('SESSION_COOKIE_DOMAIN')
+CSRF_COOKIE_DOMAIN = ENV_TOKENS.get('SESSION_COOKIE_DOMAIN')

 BOOK_URL = ENV_TOKENS['BOOK_URL']
 MEDIA_URL = ENV_TOKENS['MEDIA_URL']