From 4ee7dc732166a91572fa6b918d0763761b6f0591 Mon Sep 17 00:00:00 2001
From: Conor Holden <conor@maykinmedia.nl>
Date: Tue, 20 Aug 2024 10:05:34 +0200
Subject: [PATCH] :wrench:[#45] add CSRF_COOKIE_HTTPONLY setting

---
 open_api_framework/conf/base.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/open_api_framework/conf/base.py b/open_api_framework/conf/base.py
index 0d45134..a44f3e6 100644
--- a/open_api_framework/conf/base.py
+++ b/open_api_framework/conf/base.py
@@ -552,6 +552,7 @@
 )
 
 CSRF_COOKIE_SECURE = IS_HTTPS
+CSRF_COOKIE_HTTPONLY = True
 CSRF_COOKIE_SAMESITE = config(
     "CSRF_COOKIE_SAMESITE",
     "Strict",