Changes to permit login to the dev. server from recent browsers (such as Chrome 84)

 - Legacy-Id: 18381

Author: levkowetz

ietf/settings.py

@@ -1238,4 +1238,7 @@ def skip_unreadable_post(record):
 
     # Cannot have this set to True if we're using http: from the dev-server:
     CSRF_COOKIE_SECURE = False
-    SESSION_COOKIE_SECURE = False
+    CSRF_COOKIE_SAMESITE = 'Lax'
+    SESSION_COOKIE_SECURE = False
+    SESSION_COOKIE_SAMESITE = 'Lax'
+