Secure Setting for Django SESSION_COOKIE_SECURE flag

2025-12-20 13:51:09 -05:00 · 2025-04-27 03:28:04 +00:00
1 changed files with 2 additions and 1 deletions
--- a/thrillwiki/settings.py
+++ b/thrillwiki/settings.py
@@ -10,7 +10,7 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 SECRET_KEY = "django-insecure-=0)^0#h#k$0@$8$ys=^$0#h#k$0@$8$ys=^"

 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = False
+DEBUG = True

 CSRF_TRUSTED_ORIGINS = ["https://beta.thrillwiki.com"]
 ALLOWED_HOSTS = ["*"]
@@ -226,3 +226,4 @@ TAILWIND_CLI_DIST_CSS = os.path.join(BASE_DIR, "static/css/tailwind.css")
 TURNSTILE_SITE_KEY = "0x4AAAAAAAyqVp3RjccrC9Kz"
 TURNSTILE_SECRET_KEY = "0x4AAAAAAAyqVrQolYsrAFGJ39PXHJ_HQzY"
 TURNSTILE_VERIFY_URL = "https://challenges.cloudflare.com/turnstile/v0/siteverify"
+SESSION_COOKIE_SECURE = True