From 956ccb06e97ea0b6c0c06313191598909f5ce22f Mon Sep 17 00:00:00 2001 From: e0d Date: Sat, 26 Jan 2013 21:10:14 -0500 Subject: [PATCH] explicitly set the domain for the csrf cookie to match the session domain. --- lms/envs/aws.py | 1 + 1 file changed, 1 insertion(+) diff --git a/lms/envs/aws.py b/lms/envs/aws.py index a4aeb34a20..47bffac91e 100644 --- a/lms/envs/aws.py +++ b/lms/envs/aws.py @@ -37,6 +37,7 @@ with open(ENV_ROOT / "env.json") as env_file: SITE_NAME = ENV_TOKENS['SITE_NAME'] SESSION_COOKIE_DOMAIN = ENV_TOKENS.get('SESSION_COOKIE_DOMAIN') +CSRF_COOKIE_DOMAIN = ENV_TOKENS.get('SESSION_COOKIE_DOMAIN') BOOK_URL = ENV_TOKENS['BOOK_URL'] MEDIA_URL = ENV_TOKENS['MEDIA_URL']