diff --git a/config/settings.py b/config/settings.py
index 9f845f50..ff84db04 100755
--- a/config/settings.py
+++ b/config/settings.py
@@ -93,6 +93,7 @@ INSTALLED_APPS += [
 INSTALLED_APPS += ["ak", "users", "versions", "libraries", "mailing_list"]
 
 AUTH_USER_MODEL = "users.User"
+CSRF_COOKIE_HTTPONLY = True
 
 MIDDLEWARE = [
     "tracer.middleware.RequestID",