[BUG] Cookie domain incorrect for non-public TLDs causing many console errors #664

@kraftnix

Describe the bug
Console will show tons of errors (but may still show images depending on browser) when a non-public TLD like (adventure.my.lan) is used. This is caused by the way that publicsuffix2 parses the hostname in Django's settings.py.

All images served from Django will have an incorrect value for domain in the set-cookie header (in this above example: .lan).

To Reproduce
Use a PUBLIC_URL (and other related domain settings) like adventure.my.lan or any non public TLD.

Expected behavior
No console errors + correctly use set-cookie domain value of .my.lan.

Possible Fixes
I think the most minimal fix would be to allow defining/overriding your own SESSION_COOKIE_DOMAIN as an environment variable, as the current behaviour is probably fine for the vast majority of use cases.

I currently have a fix for this and am happy to make a PR if you want this above behaviour.

Alternatively instead of using publicsuffix2 an implementation to infer the cookie domain could be written, and the project would have one less dependency since setting SESSION_COOKIE_DOMAIN is the only use of it.
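
A sketch of the two fixes proposed above (an environment override, with dependency-free inference as the fallback), added here as an illustration and not taken from the project or from the reporter's patch. The function names `resolve_cookie_domain` and `domain_matches` are hypothetical, and the inference rule (drop the leftmost label) is an assumption that suits hosts like adventure.my.lan but not multi-label public suffixes.

```python
import ipaddress
from urllib.parse import urlsplit


def domain_matches(host, cookie_domain):
    """RFC 6265 domain-match: host equals the domain or is a subdomain of it."""
    d = cookie_domain.lstrip(".").lower()
    return host == d or host.endswith("." + d)


def resolve_cookie_domain(public_url, override=None):
    """Return a SESSION_COOKIE_DOMAIN value, or None for a host-only cookie."""
    # Accept "host:port" as well as a full URL (assumption about PUBLIC_URL).
    url = public_url if "//" in public_url else "//" + public_url
    host = (urlsplit(url).hostname or "").lower()
    if override:
        # An explicit value wins, but a Domain attribute that does not
        # domain-match the serving host is discarded by browsers, so
        # fail at startup instead of in the browser console.
        if not domain_matches(host, override):
            raise ValueError(f"{override!r} does not cover host {host!r}")
        return "." + override.lstrip(".").lower()
    try:
        ipaddress.ip_address(host)
        return None  # IP literals get a host-only cookie
    except ValueError:
        pass
    labels = host.split(".")
    if len(labels) < 3:
        return None  # "localhost", "example.com": keep the cookie host-only
    # Naive inference: scope the cookie to the parent domain only.
    # Too broad for hosts such as "app.co.uk"; use the override there.
    return "." + ".".join(labels[1:])


# In settings.py this could read (reading both values from the environment
# is an assumption based on the proposal above):
# SESSION_COOKIE_DOMAIN = resolve_cookie_domain(
#     os.environ["PUBLIC_URL"], os.environ.get("SESSION_COOKIE_DOMAIN"))
```

Any value wider than the serving host shares the session cookie with every sibling host under that domain, so returning None (host-only) is the narrowest choice when sharing is not needed.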
