Merge pull request #1413 from coreos-inc/alwayssecure

Ensure that the `Secure` flag is set on session cookies when under HTTPS
josephschorr 2016-05-03 14:13:26 -04:00
commit 0d794422bf

20
app.py

@ -78,6 +78,19 @@ _distributed_storage_preference = os.environ.get('QUAY_DISTRIBUTED_STORAGE_PREFE
if _distributed_storage_preference:
app.config['DISTRIBUTED_STORAGE_PREFERENCE'] = _distributed_storage_preference
# Generate a secret key if none was specified.
if app.config['SECRET_KEY'] is None:
logger.debug('Generating in-memory secret key')
app.config['SECRET_KEY'] = generate_secret_key()
# If the "preferred" scheme is https, then http is not allowed. Therefore, ensure we have a secure
# session cookie.
if app.config['PREFERRED_URL_SCHEME'] == 'https':
app.config['SESSION_COOKIE_SECURE'] = True
# Load features from config.
features.import_features(app.config)
class RequestWithId(Request):
request_gen = staticmethod(urn_generator(['request']))
@ -112,13 +125,6 @@ for handler in root_logger.handlers:
app.request_class = RequestWithId
# Generate a secret key if none was specified.
if app.config['SECRET_KEY'] is None:
logger.debug('Generating in-memory secret key')
app.config['SECRET_KEY'] = generate_secret_key()
features.import_features(app.config)
# Register custom converters.
class RegexConverter(BaseConverter):
""" Converter for handling custom regular expression patterns in paths. """
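Review bot: The new `PREFERRED_URL_SCHEME` branch in the first hunk sets `Secure` only on Flask's own session cookie, so any other authentication-bearing cookie the app issues would still travel over plain HTTP; nothing visible here shows whether such cookies exist. If the app uses Flask-Login's remember-me cookie, the same branch should also set `app.config['REMEMBER_COOKIE_SECURE'] = True`. The comparison is an exact, case-sensitive match, so a configured value such as `HTTPS` silently leaves the flag off; `if app.config['PREFERRED_URL_SCHEME'].lower() == 'https':` would tolerate that. Because this is module-level code whose surroundings lie outside the hunk, a comment such as `# Must run after all config overrides are loaded, or the Secure flag may be skipped.` would document the ordering dependency.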