Fix session cookie attributes

Sebastian Wilke
2025-02-13 19:38:34 +01:00
parent 247e94dd6b
commit cd143af258


@@ -157,7 +157,7 @@ class ConfigManager:
self.config['RATELIMIT_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/2' self.config['RATELIMIT_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/2'
self.config['SESSION_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/3' self.config['SESSION_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/3'
self.config['SESSION_COOKIE_SAMESITE'] = 'Strict' self.config['SESSION_COOKIE_SAMESITE'] = 'Lax' # TODO: enhance security here
self.config['SESSION_COOKIE_HTTPONLY'] = True self.config['SESSION_COOKIE_HTTPONLY'] = True
if self.config['SESSION_COOKIE_SECURE'] is None: if self.config['SESSION_COOKIE_SECURE'] is None:
self.config['SESSION_COOKIE_SECURE'] = self.config['TLS_FLAVOR'] != 'notls' self.config['SESSION_COOKIE_SECURE'] = self.config['TLS_FLAVOR'] != 'notls'
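Review bot: Assuming the right-hand value is the new side, `SESSION_COOKIE_SAMESITE` is relaxed from `'Strict'` to `'Lax'` with only `# TODO: enhance security here` to explain it, which records neither why the weaker setting was needed nor what would allow reverting it. With `Lax` the browser attaches the session cookie to cross-site top-level GET navigations, so CSRF protection then depends on no GET route changing state and on the POST routes carrying a CSRF token; neither is visible in this hunk. I would replace the TODO with a comment that names the constraint, e.g. `# 'Lax' so the cookie survives the cross-site redirect back from <flow that required it>; state-changing routes must stay non-GET and CSRF-protected`, and track the return to `'Strict'` in an issue. The enclosing ConfigManager method starts and ends outside the hunk.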