def get_cookie_domain(request):
if '.' not in request.host:
# As per spec, browsers do not accept cookie domains without dots in it,
# e.g. "localhost", see http://curl.haxx.se/rfc/cookie_spec.html
return None
default_domain, default_port = split_domain_port(settings.SITE_NETLOC)
if request.host == default_domain:
# We are on our main domain, set the cookie domain the user has chosen
return settings.SESSION_COOKIE_DOMAIN
else:
# We are on an organizer's custom domain, set no cookie domain, as we do not want
# the cookies to be present on any other domain. Setting an explicit value can be
# dangerous, see http://erik.io/blog/2014/03/04/definitive-guide-to-cookie-domains/
return None
评论列表
文章目录
