Flip CSRF_COOKIE_SECURE docs.

I think this was backwards.
author: Bill Nottingham <notting@splat.cc> 2020-04-16 21:34:31 +0200
committer: Bill Nottingham <notting@splat.cc> 2020-04-16 21:34:38 +0200
commit: 11b1d0e84c1d5618491fb214624d5f2b48e3a536 (patch)
tree: 60f6b2471263c19a82fef9d0ba876d80867e91bb /docs/auth/session.md
parent: Merge pull request #6681 from chrismeyersfsu/fix-cluster_stupid_bash (diff)
download: awx-11b1d0e84c1d5618491fb214624d5f2b48e3a536.tar.xz
awx-11b1d0e84c1d5618491fb214624d5f2b48e3a536.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/auth/session.md b/docs/auth/session.md
index 08c65c17a2..65cc097f83 100644
--- a/docs/auth/session.md
+++ b/docs/auth/session.md
@@ -14,7 +14,7 @@ hijack cookies will only get the `session_id` itself, which does not imply any c
 a limited time, and can be revoked at any time.
 
 > Note: The CSRF token will by default allow HTTP.  To increase security, the `CSRF_COOKIE_SECURE` setting should
-be set to False.  
+be set to True.
 
 
 ## Usage
author	Bill Nottingham <notting@splat.cc>	2020-04-16 21:34:31 +0200
committer	Bill Nottingham <notting@splat.cc>	2020-04-16 21:34:38 +0200
commit	11b1d0e84c1d5618491fb214624d5f2b48e3a536 (patch)
tree	60f6b2471263c19a82fef9d0ba876d80867e91bb /docs/auth/session.md
parent	Merge pull request #6681 from chrismeyersfsu/fix-cluster_stupid_bash (diff)
download	awx-11b1d0e84c1d5618491fb214624d5f2b48e3a536.tar.xz awx-11b1d0e84c1d5618491fb214624d5f2b48e3a536.zip