From ed13e203f811a52458e4038367c912174843af58 Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Fri, 21 Feb 2020 22:46:26 +0000
Subject: [PATCH] Force secure cookies

---
 apiserver/apiserver/settings.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/apiserver/apiserver/settings.py b/apiserver/apiserver/settings.py
index ef3a625..22e3747 100644
--- a/apiserver/apiserver/settings.py
+++ b/apiserver/apiserver/settings.py
@@ -50,6 +50,8 @@ if DEBUG:
     ]
 
 SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
 
 
 # Application definition