Commit dafc5077 authored by Roang's avatar Roang

Add SESSION_COOKIE_SECURE to env vars

parent b070d7b8
...@@ -45,6 +45,7 @@ env = environ.FileAwareEnv( ...@@ -45,6 +45,7 @@ env = environ.FileAwareEnv(
SENTRY_ENVIRONMENT=(str, 'production'), SENTRY_ENVIRONMENT=(str, 'production'),
SENTRY_TRACES_SAMPLE_RATE=(float, 0.05), # create a trace for this percentage of all requests SENTRY_TRACES_SAMPLE_RATE=(float, 0.05), # create a trace for this percentage of all requests
SENTRY_PROFILES_SAMPLE_RATE=(float, 0.50), # do a profiling for this percentage of _traced_ requests SENTRY_PROFILES_SAMPLE_RATE=(float, 0.50), # do a profiling for this percentage of _traced_ requests
SESSION_COOKIE_SECURE=(bool, True),
SSO_SECRET=(str, None), SSO_SECRET=(str, None),
SSO_SECRET_GENERATE=(bool, False), SSO_SECRET_GENERATE=(bool, False),
PRETIX_ISSUER=(str, 'tickets.events.ccc.de'), PRETIX_ISSUER=(str, 'tickets.events.ccc.de'),
...@@ -267,7 +268,7 @@ SESSION_COOKIE_NAME = env('COOKIE_NAME') ...@@ -267,7 +268,7 @@ SESSION_COOKIE_NAME = env('COOKIE_NAME')
SESSION_COOKIE_HTTPONLY = True # session cookie is unavailable to JavaScript (default) SESSION_COOKIE_HTTPONLY = True # session cookie is unavailable to JavaScript (default)
SESSION_COOKIE_SAMESITE = 'Lax' # set SameSite=Lax (default) SESSION_COOKIE_SAMESITE = 'Lax' # set SameSite=Lax (default)
SESSION_COOKIE_PATH = env('COOKIE_PATH') or '/' # use configured path, SESSION_NAME or default '/' SESSION_COOKIE_PATH = env('COOKIE_PATH') or '/' # use configured path, SESSION_NAME or default '/'
SESSION_COOKIE_SECURE = True # mark session cookie as https-only SESSION_COOKIE_SECURE = env('SESSION_COOKIE_SECURE') # mark session cookie as https-only
SESSION_SAVE_EVERY_REQUEST = False # no need to update a session on each request (default) SESSION_SAVE_EVERY_REQUEST = False # no need to update a session on each request (default)
# CSRF Cookie configuration # CSRF Cookie configuration
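Review bot: The trailing comment on the new `SESSION_COOKIE_SECURE = env('SESSION_COOKIE_SECURE')` line still says the cookie is marked https-only, but that now holds only while the variable is unset or true; a deployment that sets it to false sends the session cookie over plain HTTP with nothing in the settings file saying so. I would reword the comment to `# Secure flag on the session cookie; defaults to True, disable only for local plain-HTTP development` and add the same caveat next to the `SESSION_COOKIE_SECURE=(bool, True),` default in the env declaration. The CSRF cookie block starts right after this hunk and is not visible here, so please confirm whether its secure flag is still unconditional; if it is, the two cookies no longer follow the same switch and a plain-HTTP setup would get a session cookie but likely no usable CSRF cookie. Running `manage.py check --deploy` in the production pipeline would catch an environment where this flag was turned off by mistake.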