From 1a7752444735a33e471981e5fb85a789a1cd8777 Mon Sep 17 00:00:00 2001
From: corubba
Date: Fri, 27 May 2022 12:53:32 +0200
Subject: [PATCH] Allow secure cookies in docker

Setting these two options to True is recommended if (and only if) you serve PDA via TLS. It will break things on plain-HTTP deployments. For plain deployments these can be set in the flask config file, for docker they have to be whitelisted to be set via env vars.
---
 configs/docker_config.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/configs/docker_config.py b/configs/docker_config.py
index ba0a233..2cc6310 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -57,7 +57,9 @@ legal_envvars = (
 'LDAP_ENABLED',
 'SAML_CERT',
 'SAML_KEY',
- 'FILESYSTEM_SESSIONS_ENABLED'
+ 'FILESYSTEM_SESSIONS_ENABLED',
+ 'SESSION_COOKIE_SECURE',
+ 'CSRF_COOKIE_SECURE',
 )

 legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
@@ -79,7 +81,9 @@ legal_envvars_bool = (
 'SIGNUP_ENABLED',
 'LOCAL_DB_ENABLED',
 'LDAP_ENABLED',
- 'FILESYSTEM_SESSIONS_ENABLED'
+ 'FILESYSTEM_SESSIONS_ENABLED',
+ 'SESSION_COOKIE_SECURE',
+ 'CSRF_COOKIE_SECURE',
 )

 # import everything from environment variables
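Review bot: The TLS-only caveat from the commit message is not recorded next to the new `'SESSION_COOKIE_SECURE'` and `'CSRF_COOKIE_SECURE'` entries in `legal_envvars`, so an operator reading this file will not see why enabling them on a plain-HTTP deployment breaks things. I would add a comment above the two entries, `# Set to True only when served over TLS; browsers do not send Secure cookies over plain HTTP.` The tuple starts before the hunk, and whether either option has a default elsewhere in the file is not visible here.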
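Review bot: The new names have to appear in both `legal_envvars` and `legal_envvars_bool`, and nothing in the file states that coupling; this commit gets it right, but a later addition could list a flag only in the first tuple. If the import code that follows (outside this hunk) leaves values not listed in a typed tuple as plain strings, a setting such as `False` would be a non-empty, truthy string and the flag would end up enabled against the operator's intent. A one-line comment above `legal_envvars_bool` would cover it: `# Boolean options must be listed here as well as in legal_envvars.`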