search

jotes / django-cookies-samesite

This repository contains a middleware which automatically sets SameSite attribute for session and csrf cookies in legacy versions of Django.
BSD 3-Clause "New" or "Revised" License
49 stars 35 forks source link

feat: SAMESITE_DEVMODE to help with development servers #46

Closed nedbat closed 3 years ago

nedbat commented 3 years ago

If SAMESITE_DEVMODE=True, and the request is http (not https), then samesite will be "Lax". This is because developers often need to test in environments where it is difficult to configure https.