vbatts/microblog.pub
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #82 from hiromi-mi/make_session_cookie_secure

Browse source 
Set Secure Flag On Cookie When Served As HTTPS
This commit is contained in:
Thomas Sileo 2020-06-12 09:02:11 +02:00 committed by GitHub
commit 8903a1f56a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
app.py
View file

@ -93,6 +93,9 @@ app.register_blueprint(blueprints.indieauth.blueprint)
app.register_blueprint(blueprints.tasks.blueprint) app.register_blueprint(blueprints.tasks.blueprint)
app.register_blueprint(blueprints.well_known.blueprint) app.register_blueprint(blueprints.well_known.blueprint)
app.config.update(WTF_CSRF_CHECK_DEFAULT=False) app.config.update(WTF_CSRF_CHECK_DEFAULT=False)
app.config.update(SESSION_COOKIE_SECURE=True if config.SCHEME == "https" else False)
csrf.init_app(app) csrf.init_app(app)
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)