Allow secure cookies in docker

Setting these two options to True is recommended if (and only if) you
serve PDA via TLS. It will break things on plain-HTTP deployments.
For plain deployments these can be set in the flask config file, for
docker they have to be whitelisted to be set via env vars.
This commit is contained in:
corubba 2022-05-27 12:53:32 +02:00
parent ae2ad6527a
commit 1a77524447

View File

@ -57,7 +57,9 @@ legal_envvars = (
'LDAP_ENABLED', 'LDAP_ENABLED',
'SAML_CERT', 'SAML_CERT',
'SAML_KEY', 'SAML_KEY',
'FILESYSTEM_SESSIONS_ENABLED' 'FILESYSTEM_SESSIONS_ENABLED',
'SESSION_COOKIE_SECURE',
'CSRF_COOKIE_SECURE',
) )
legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME') legal_envvars_int = ('PORT', 'MAIL_PORT', 'SAML_METADATA_CACHE_LIFETIME')
@ -79,7 +81,9 @@ legal_envvars_bool = (
'SIGNUP_ENABLED', 'SIGNUP_ENABLED',
'LOCAL_DB_ENABLED', 'LOCAL_DB_ENABLED',
'LDAP_ENABLED', 'LDAP_ENABLED',
'FILESYSTEM_SESSIONS_ENABLED' 'FILESYSTEM_SESSIONS_ENABLED',
'SESSION_COOKIE_SECURE',
'CSRF_COOKIE_SECURE',
) )
# import everything from environment variables # import everything from environment variables