Merge pull request mdn#1033 from berkerpeksag/csrf-doc

Add a note to the installation documentation about the CSRF_COOKIE_SECURE setting.
xpicio · Apr 22, 2013 · b81ca10 · b81ca10
2 parents 1e5a227 + f9368b6
commit b81ca10
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/docs/installation.rst b/docs/installation.rst
@@ -174,6 +174,15 @@ development instance::
 The ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` setting is not strictly necessary, but
 it's convenient for development.
 
+Secure Cookies
+--------------
+
+To prevent error messages like ``Forbidden (CSRF cookie not set.):``, you need to
+set your ``settings_local.py`` with the following::
+
+    CSRF_COOKIE_SECURE = False
+
+
 Testing it Out
 ==============