[Django]-CSRF_COOKIE_SAMESITE equivalent for django 1.6.5

4👍

There is no support to add the samesite setting in Django 1.6.5, that is the reason the adding those in the settings.py did not work. Django 3.1 is where they started this support this setting. I tried adding my own middleware and add the setting to the cookies, but I got an invalid field error. Then I found a library I can use for this – django-cookies-samesite. I was able to apply the samesite setting to None and the secure to True, then I was able to login through salesforce web tab.

  1. Add these in settings.py
SESSION_COOKIE_SAMESITE = 'None'
SESSION_COOKIE_SAMESITE_FORCE_ALL = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
  1. And add this in the MIDDLEWARE_CLASSES:
'django_cookies_samesite.middleware.CookiesSameSite',

Relevant sites I got the info from:

https://github.com/django/django/pull/8380/files

https://pypi.org/project/django-cookies-samesite/

Leave a comment