OpenStack Dashboard (Horizon)

  1. Bug #1369876
  2. Comment #5

Comment 5 for bug 1369876

Revision history for this message
Matt Borland (palecrow) wrote :

FYI, I believe this has been addressed by the settings as outlined in local_settings.py.example, as also evidenced by the documentation Doug referenced:

# If Horizon is being served through SSL, then uncomment the following two
# settings to better secure the cookies from security exploits
#CSRF_COOKIE_SECURE = True
#SESSION_COOKIE_SECURE = True