Commit 4253f61f by Will Daly

Merge pull request #1894 from edx/will/cross-domain-csrf-cookie

Add settings for the cross-domain CSRF cookie
parents b348398e 8b754c35
......@@ -165,6 +165,7 @@ EDXAPP_FEATURES:
ENABLE_DISCUSSION_HOME_PANEL: true
ENABLE_COMBINED_LOGIN_REGISTRATION: true
ENABLE_CORS_HEADERS: false
ENABLE_CROSS_DOMAIN_CSRF_COOKIE: false
ENABLE_COUNTRY_ACCESS: false
ENABLE_VIDEO_BEACON: false
......@@ -416,6 +417,9 @@ EDXAPP_VIDEO_UPLOAD_PIPELINE:
EDXAPP_CORS_ORIGIN_WHITELIST: []
EDXAPP_CORS_ORIGIN_ALLOW_ALL: false
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: ""
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_NAME: ""
# Video Beacon Settings
CDN_VIDEO_URLS: {}
PERFORMANCE_GRAPHITE_URL: 'SetPerformanceGraphiteHostName'
......@@ -613,6 +617,8 @@ generic_cache_config: &default_generic_cache
generic_env_config: &edxapp_generic_env
CORS_ORIGIN_WHITELIST: "{{ EDXAPP_CORS_ORIGIN_WHITELIST }}"
CORS_ORIGIN_ALLOW_ALL: $EDXAPP_CORS_ORIGIN_ALLOW_ALL
CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: "{{ EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_DOMAIN }}"
CROSS_DOMAIN_CSRF_COOKIE_NAME: "{{ EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_NAME }}"
VIDEO_UPLOAD_PIPELINE: "{{ EDXAPP_VIDEO_UPLOAD_PIPELINE }}"
DEPRECATED_ADVANCED_COMPONENT_TYPES: "{{ EDXAPP_DEPRECATED_ADVANCED_COMPONENT_TYPES }}"
OAUTH_OIDC_ISSUER: "https://{{ EDXAPP_LMS_BASE }}/oauth2"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment