Django SESSION_COOKIE_DOMAIN on localhost

When I set SESSION_COOKIE_DOMAIN = '.mysite.com' and then run the production site, the site creates the proper cross domain 开发者_开发知识库cookie and it's set to .mysite.com. However, if I set SESSION_COOKIE_DOMAIN = '.localhost' and run the local development server at localhost:8000 the cookie that is created is the non-cross domain cookie localhost.

Why might this be the case?

Thanks.

This has to do with how browsers and cookies work. Because you're not allowed to set cookies to something like .com, you can't set it as .localhost either.

You can check out more here: https://code.djangoproject.com/ticket/10560. Looks like there's no real solution within Django for this. I do wish they would warn us though rather than just break.

I don't have a good solution though. For testing you could set your hosts file to use something like test.com instead of localhost to point to your runserver.

for dev server, you can just use

SESSION_COOKIE_SECURE= False #default use just to override your prod setting
SESSION_COOKIE_DOMAIN= None  #default  use just to override your prod setting

or you can resolve domain name with the host's file

 SESSION_COOKIE_DOMAIN= '.localhost'

Or something like this

SESSION_COOKIE_SECURE= False
SESSION_COOKIE_DOMAIN=  "127.0.0.1"

You can't set SESSION_COOKIE_DOMAIN = '.localhost' because of browsers security features. (cf Django issue 10560)

However if you have foo.localhost:8000 and bar.localhost:8000 you can switch to foo.dev.localhost:8000 and bar.dev.localhost:8000 and set

SESSION_COOKIE_DOMAIN = '.dev.localhost'
SESSION_COOKIE_NAME = "youcustomcookiename"