mirror of
https://github.com/zulip/zulip.git
synced 2026-07-18 21:04:19 +08:00
Revert "Set a wildcard subdomain for the session and csrf cookie domains on staging"
This was to support get_updates sharding, which we never fully implemented. We can recommit this change later if we choose to bring the feature back. This reverts commit fda2d99d9e9a07951d11fcd9fc61cf229988f471. (imported from commit aec8203c8d8a94dd6f30089aeee22814d1595fc5)
This commit is contained in:
parent
9cc2945c9e
commit
a3037ea91a
@ -117,11 +117,6 @@ if DEPLOYED:
|
||||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
|
||||
# For get_updates host sharding
|
||||
if STAGING_DEPLOYED:
|
||||
SESSION_COOKIE_DOMAIN = '.' + platform.node()
|
||||
CSRF_COOKIE_DOMAIN = '.' + platform.node()
|
||||
|
||||
# Prevent Javascript from reading the CSRF token from cookies. Our code gets
|
||||
# the token from the DOM, which means malicious code could too. But hiding the
|
||||
# cookie will slow down some attackers.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user