From f63ec28ee219246fe3cbb7c3bc37762ac44cdc27 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Thu, 18 Feb 2021 12:31:45 +0100
Subject: [PATCH] Set sensible cookie options

(cherry picked from commit aa8cb9890693b1563cb873df79d50a2fab6230e3)

# Conflicts:
#	core/admin/mailu/configuration.py
---
 core/admin/mailu/configuration.py | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/core/admin/mailu/configuration.py b/core/admin/mailu/configuration.py
index e568deb9..d871119a 100644
--- a/core/admin/mailu/configuration.py
+++ b/core/admin/mailu/configuration.py
@@ -143,8 +143,18 @@ class ConfigManager:
             template = self.DB_TEMPLATES[self.config['DB_FLAVOR']]
             self.config['SQLALCHEMY_DATABASE_URI'] = template.format(**self.config)
 
+<<<<<<< HEAD
         if not self.config.get('RATELIMIT_STORAGE_URL'):
             self.config['RATELIMIT_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/2'
+=======
+        self.config['RATELIMIT_STORAGE_URL'] = 'redis://{0}/2'.format(self.config['REDIS_ADDRESS'])
+        self.config['QUOTA_STORAGE_URL'] = 'redis://{0}/1'.format(self.config['REDIS_ADDRESS'])
+        self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'
+        self.config['SESSION_COOKIE_HTTPONLY'] = True
+        self.config['SESSION_COOKIE_SECURE'] = self.config['TLS_FLAVOR'] != 'notls'
+        # update the app config itself
+        app.config = self
+>>>>>>> aa8cb989 (Set sensible cookie options)
 
         self.config['SESSION_STORAGE_URL'] = f'redis://{self.config["REDIS_ADDRESS"]}/3'
         self.config['SESSION_COOKIE_SAMESITE'] = 'Strict'