Hi, I use HAProxy as load balancer, where I also terminate the SSL. The traffic between HAProxy and the is unencrypted. I have force SSL enabled, so all requests with http will be redirected to https.
Question is, does it serve any good to have CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE set to True in settings? It doesn't make sense for me, but there might be some other reasons for using that!? /Peter -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/a5d82347-5d4f-481f-8bc5-94be751f9f71%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
