Skip to content

Commit

Permalink
Allow cookies to be included in cross-site HTTP requests. Required to…
Browse files Browse the repository at this point in the history 
… pass CSRF tokens and session information from frontend to backend.
  • Loading branch information
@Kurocon
Kurocon committed Feb 17, 2025
1 parent 93ebaf4 commit 3cd3835
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions amelie/settings/generic.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -388,6 +388,9 @@
# Also, URL-specific CORS rules are handled by the signal handler in `tools/cors.py`.
CORS_ALLOWED_ORIGINS = []
CORS_ALLOW_ALL_ORIGINS = False
# Cookies are allowed to be included in cross-site HTTP requests.
# Required to pass CSRF tokens and session information from frontend to backend
CORS_ALLOW_CREDENTIALS = True

# GraphQL API settings
GRAPHENE = {
Expand Down

0 comments on commit 3cd3835

Please sign in to comment.