Skip to content

Commit 005d51a

Browse files
adamchainzadamchainz
committed
Fix README
1 parent b23a594 commit 005d51a

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

README.rst

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -296,6 +296,9 @@ If ``True``, cookies will be allowed to be included in cross-site HTTP requests.
296296
This sets the |Access-Control-Allow-Credentials header|__ in preflight and normal responses.
297297
Defaults to ``False``.
298298

299+
.. |Access-Control-Allow-Credentials header| replace:: ``Access-Control-Allow-Credentials`` header
300+
__ https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
301+
299302
Note: in Django 2.1 the `SESSION_COOKIE_SAMESITE`_ setting was added, set to ``'Lax'`` by default, which will prevent Django's session cookie being sent cross-domain.
300303
Change the setting to ``None`` if you need to bypass this security restriction.
301304

0 commit comments

Comments
 (0)