From f9368b6e04cd47a8acca05ae236caa018276d321 Mon Sep 17 00:00:00 2001
From: Berker Peksag <berker.peksag@gmail.com>
Date: Mon, 22 Apr 2013 15:07:53 +0300
Subject: [PATCH] Add a note to the installation documentation about the
 CSRF_COOKIE_SECURE setting.

See for more information:

https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-CSRF_COOKIE_SECURE
---
 docs/installation.rst | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/docs/installation.rst b/docs/installation.rst
index 55b7bf8c5be..7c32589e521 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -174,6 +174,15 @@ development instance::
 The ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` setting is not strictly necessary, but
 it's convenient for development.
 
+Secure Cookies
+--------------
+
+To prevent error messages like ``Forbidden (CSRF cookie not set.):``, you need to
+set your ``settings_local.py`` with the following::
+
+    CSRF_COOKIE_SECURE = False
+
+
 Testing it Out
 ==============