Commit 3fefd84e by e0d Committed by Edward Zarecor

Adding config to enable secure CSRF

parent 53dbc8f8
......@@ -491,6 +491,7 @@ EDXAPP_CORS_ORIGIN_WHITELIST: []
EDXAPP_CORS_ORIGIN_ALLOW_ALL: false
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: ""
EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_NAME: ""
EDXAPP_CSRF_COOKIE_SECURE: false
# Video Beacon Settings
CDN_VIDEO_URLS: {}
......@@ -755,6 +756,7 @@ generic_env_config: &edxapp_generic_env
CORS_ORIGIN_ALLOW_ALL: "{{ EDXAPP_CORS_ORIGIN_ALLOW_ALL }}"
CROSS_DOMAIN_CSRF_COOKIE_DOMAIN: "{{ EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_DOMAIN }}"
CROSS_DOMAIN_CSRF_COOKIE_NAME: "{{ EDXAPP_CROSS_DOMAIN_CSRF_COOKIE_NAME }}"
CSRF_COOKIE_SECURE: "{{ EDXAPP_CSRF_COOKIE_SECURE }}"
VIDEO_UPLOAD_PIPELINE: "{{ EDXAPP_VIDEO_UPLOAD_PIPELINE }}"
DEPRECATED_ADVANCED_COMPONENT_TYPES: "{{ EDXAPP_DEPRECATED_ADVANCED_COMPONENT_TYPES }}"
OAUTH_OIDC_ISSUER: "{{ EDXAPP_LMS_ISSUER }}"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment