Skip to content
This repository has been archived by the owner on Feb 8, 2018. It is now read-only.

Commit

Permalink
Allow access to session cookie from javascript
Browse files Browse the repository at this point in the history 
This is so we can programmatically add the session token to ajax
requests to prevent CSRF. (#88)
  • Loading branch information
@chadwhitacre
chadwhitacre committed Jun 29, 2012
1 parent 7a9331b commit bc3f9bb
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion gittip/authentication.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,4 +136,4 @@ def outbound(response):
#cookie['domain']
cookie['path'] = '/'
cookie['expires'] = rfc822.formatdate(expires)
cookie['httponly'] = "Yes, please."
#cookie['httponly'] = "Yes, please."

0 comments on commit bc3f9bb

Please sign in to comment.