mirror of
https://github.com/cwinfo/powerdns-admin.git
synced 2025-01-14 14:16:29 +00:00
52b704baeb
Setting this attribute on a cookie marks it as non-cross-site, so it is only send in requests to our own server. It is reasonable that no one else should need our session or csrf data. Setting it explicitly also prevents any issues from the ongoing change in browser behaviour [0] when it is unset. Seasurf supports the SameSite attribute starting with v0.3. As nothing obviously broke, I used the opportunity and updated all the way to the most recent version. The SeaSurf default for SameSite is already `Lax`, so it only needs to be set for the session cookie. [0] https://developers.google.com/search/blog/2020/01/get-ready-for-new-samesitenone-secure
37 lines
905 B
Python
37 lines
905 B
Python
import os
|
|
import urllib.parse
|
|
basedir = os.path.abspath(os.path.dirname(__file__))
|
|
|
|
### BASIC APP CONFIG
|
|
SALT = '$2b$12$yLUMTIfl21FKJQpTkRQXCu'
|
|
SECRET_KEY = 'e951e5a1f4b94151b360f47edf596dd2'
|
|
BIND_ADDRESS = '0.0.0.0'
|
|
PORT = 9191
|
|
HSTS_ENABLED = False
|
|
OFFLINE_MODE = False
|
|
FILESYSTEM_SESSIONS_ENABLED = False
|
|
SESSION_COOKIE_SAMESITE = 'Lax'
|
|
CSRF_COOKIE_HTTPONLY = True
|
|
|
|
### DATABASE CONFIG
|
|
SQLA_DB_USER = 'pda'
|
|
SQLA_DB_PASSWORD = 'changeme'
|
|
SQLA_DB_HOST = '127.0.0.1'
|
|
SQLA_DB_NAME = 'pda'
|
|
SQLALCHEMY_TRACK_MODIFICATIONS = True
|
|
|
|
### DATABASE - MySQL
|
|
SQLALCHEMY_DATABASE_URI = 'mysql://{}:{}@{}/{}'.format(
|
|
urllib.parse.quote_plus(SQLA_DB_USER),
|
|
urllib.parse.quote_plus(SQLA_DB_PASSWORD),
|
|
SQLA_DB_HOST,
|
|
SQLA_DB_NAME
|
|
)
|
|
|
|
### DATABASE - SQLite
|
|
# SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db')
|
|
|
|
# SAML Authnetication
|
|
SAML_ENABLED = False
|
|
SAML_ASSERTION_ENCRYPTED = True
|