From 155974a69bcff9c17a9e368abea124b1f2bcbbda Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9o=20Lesage?= <tlesage@teklia.com>
Date: Mon, 18 Mar 2024 16:32:11 +0100
Subject: [PATCH] Enable HttpOnly on session cookies

---
 arkindex/project/settings.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/arkindex/project/settings.py b/arkindex/project/settings.py
index e9db6bcd61..9e898ded76 100644
--- a/arkindex/project/settings.py
+++ b/arkindex/project/settings.py
@@ -438,8 +438,6 @@ SESSION_COOKIE_NAME = conf["session"]["cookie_name"]
 SESSION_COOKIE_DOMAIN = conf["session"]["cookie_domain"]
 SESSION_COOKIE_SAMESITE = conf["session"]["cookie_samesite"].value
 SESSION_COOKIE_SECURE = conf["session"]["cookie_secure"]
-# Required for authentication over websockets
-SESSION_COOKIE_HTTPONLY = False
 
 # When a real cache system is available, write the session to the cache
 # and to the database (write-through), so that the backend can immediately checks
-- 
GitLab