Allow CSRF cookie to be sent with cross-site requests

Inter-Actief · Feb 17, 2025 · d09d74e · d09d74e
1 parent 3cd3835
commit d09d74e
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/amelie/settings/generic.py b/amelie/settings/generic.py
@@ -391,6 +391,9 @@
 # Cookies are allowed to be included in cross-site HTTP requests.
 # Required to pass CSRF tokens and session information from frontend to backend
 CORS_ALLOW_CREDENTIALS = True
+# Send the CSRF cookie with both same-site and cross-site requests
+# Required to pass CSRF tokens and session information from frontend to backend
+CSRF_COOKIE_SAMESITE = "None"
 
 # GraphQL API settings
 GRAPHENE = {