diff --git a/requirements/common.in b/requirements/common.in index 83454b9f25..a7cae91546 100644 --- a/requirements/common.in +++ b/requirements/common.in @@ -174,9 +174,6 @@ pyahocorasick # Used for rate limiting authentication. decorator -# Use SameSite cookies in legacy Django (remove with Django 2.1) -django-cookies-samesite - # For server-side enforcement of password strength zxcvbn diff --git a/requirements/dev.txt b/requirements/dev.txt index d2354d0a3d..10721a8787 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -283,9 +283,6 @@ django-bitfield==2.0.1 \ django-bmemcached==0.3.0 \ --hash=sha256:4e4b7d97216dbae331c1de10e699ca22804b94ec3a90d2762dd5d146e6986a8a \ # via -r requirements/common.in -django-cookies-samesite==0.6.6 \ - --hash=sha256:a26dc27bfc446279c981a301b053eff845b93d9ba62798e281c90584a7ccaa4a \ - # via -r requirements/common.in django-formtools==2.2 \ --hash=sha256:304fa777b8ef9e0693ce7833f885cb89ba46b0e46fc23b01176900a93f46742f \ --hash=sha256:c5272c03c1cd51b2375abf7397a199a3148a9fbbf2f100e186467a84025d13b2 \ @@ -1210,10 +1207,6 @@ typing-extensions==3.7.4.3 \ --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f \ # via -r requirements/common.in, mypy, zulint -ua-parser==0.10.0 \ - --hash=sha256:46ab2e383c01dbd2ab284991b87d624a26a08f72da4d7d413f5bfab8b9036f8a \ - --hash=sha256:47b1782ed130d890018d983fac37c2a80799d9e0b9c532e734c67cf70f185033 \ - # via django-cookies-samesite uhashring==1.2 \ --hash=sha256:f7304ca2ff763bbf1e2f8a78f21131721811619c5841de4f8c98063344906931 \ # via python-binary-memcached diff --git a/requirements/prod.txt b/requirements/prod.txt index c19ae9b357..9783323f08 100644 --- a/requirements/prod.txt +++ b/requirements/prod.txt @@ -191,9 +191,6 @@ django-bitfield==2.0.1 \ django-bmemcached==0.3.0 \ --hash=sha256:4e4b7d97216dbae331c1de10e699ca22804b94ec3a90d2762dd5d146e6986a8a \ # via -r requirements/common.in -django-cookies-samesite==0.6.6 \ - --hash=sha256:a26dc27bfc446279c981a301b053eff845b93d9ba62798e281c90584a7ccaa4a \ - # via -r requirements/common.in django-formtools==2.2 \ --hash=sha256:304fa777b8ef9e0693ce7833f885cb89ba46b0e46fc23b01176900a93f46742f \ --hash=sha256:c5272c03c1cd51b2375abf7397a199a3148a9fbbf2f100e186467a84025d13b2 \ @@ -797,10 +794,6 @@ typing-extensions==3.7.4.3 \ --hash=sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c \ --hash=sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f \ # via -r requirements/common.in -ua-parser==0.10.0 \ - --hash=sha256:46ab2e383c01dbd2ab284991b87d624a26a08f72da4d7d413f5bfab8b9036f8a \ - --hash=sha256:47b1782ed130d890018d983fac37c2a80799d9e0b9c532e734c67cf70f185033 \ - # via django-cookies-samesite uhashring==1.2 \ --hash=sha256:f7304ca2ff763bbf1e2f8a78f21131721811619c5841de4f8c98063344906931 \ # via python-binary-memcached diff --git a/version.py b/version.py index 5682de11b5..c7d09292e3 100644 --- a/version.py +++ b/version.py @@ -44,4 +44,4 @@ API_FEATURE_LEVEL = 32 # historical commits sharing the same major version, in which case a # minor version bump suffices. -PROVISION_VERSION = '104.0' +PROVISION_VERSION = '105.0' diff --git a/zproject/computed_settings.py b/zproject/computed_settings.py index 0f225b2409..ea7aabc7d4 100644 --- a/zproject/computed_settings.py +++ b/zproject/computed_settings.py @@ -397,8 +397,6 @@ REDIS_PASSWORD = get_secret('redis_password') # SECURITY SETTINGS ######################################################################## -SESSION_COOKIE_SAMESITE = 'Lax' - # Tell the browser to never send our cookies without encryption, e.g. # when executing the initial http -> https redirect. #