The Django settings mentioned in #3 seem to be related to the cookies managed by Django session. Horizon is managing some by is own [0].
We could probably start a discussion with horizon to fix that but at least we can add in charm another layer of security. The review [1] may be a good start.
The Django settings mentioned in #3 seem to be related to the cookies managed by Django session. Horizon is managing some by is own [0].
We could probably start a discussion with horizon to fix that but at least we can add in charm another layer of security. The review [1] may be a good start.
[0] https:/ /github. com/openstack/ horizon/ blob/master/ openstack_ auth/views. py /review. opendev. org/#/c/ 649274/
[1] https:/