diff --git a/configs/docker_config.py b/configs/docker_config.py
index 6666fc2..ba0a233 100644
--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@@ -2,6 +2,7 @@
 BIND_ADDRESS = '0.0.0.0'
 PORT = 80
 SQLALCHEMY_DATABASE_URI = 'sqlite:////data/powerdns-admin.db'
+CSRF_COOKIE_HTTPONLY = True
 legal_envvars = (
 'SECRET_KEY',
diff --git a/powerdnsadmin/default_config.py b/powerdnsadmin/default_config.py
index 16b8161..8737680 100644
--- a/powerdnsadmin/default_config.py
+++ b/powerdnsadmin/default_config.py
@@ -10,6 +10,7 @@ PORT = 9191
 HSTS_ENABLED = False
 OFFLINE_MODE = False
 FILESYSTEM_SESSIONS_ENABLED = False
+CSRF_COOKIE_HTTPONLY = True
 ### DATABASE CONFIG
 SQLA_DB_USER = 'pda'
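Review bot: `CSRF_COOKIE_HTTPONLY = True` in configs/docker_config.py is added as a bare constant with no comment, and nothing in the hunk shows the key being made overridable for container deployments. The `legal_envvars` tuple continues outside the hunk, so whether the key is listed there cannot be confirmed from here. If it is not, an operator whose front end reads the CSRF cookie from script has no way to relax the flag without editing the image. I would add a comment on the new line, for example `# CSRF cookie is hidden from page scripts; the token must be delivered through the rendered form, not document.cookie`.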
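Review bot: In powerdnsadmin/default_config.py the new default sets HttpOnly on the CSRF cookie but leaves its transport protection unstated, while the same hunk shows `HSTS_ENABLED = False` as the shipped default. HttpOnly only stops page scripts from reading the cookie; on a plain-HTTP or mixed deployment the token still travels in clear text. If the CSRF extension in use reads it (Flask-SeaSurf does), consider documenting the companion setting next to the new line, e.g. `# When serving over HTTPS also set CSRF_COOKIE_SECURE = True`. The same reminder would fit the session cookie settings, which are not visible in this hunk.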