mirrors/calibre-web
1
0
Fork 0
mirror of https://github.com/janeczku/calibre-web synced 2025-10-31 07:13:02 +00:00
Code Issues Releases Wiki Activity

Improve a bit the cookie's hardening

Browse Source 
- Samesite for session cookies as well as the remember me ones
- Httponly
This commit is contained in:
jvoisin
2020-05-09 14:42:28 +02:00
parent 189243a9b0
commit bf166b757a
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cps/__init__.py
View File

@@ -56,6 +56,12 @@ mimetypes.add_type('application/ogg', '.ogg')
mimetypes.add_type('application/ogg', '.oga')
app = Flask(__name__)
app.config.update(
SESSION_COOKIE_HTTPONLY=True,
SESSION_COOKIE_SAMESITE='Lax',
REMEMBER_COOKIE_SAMESITE='Lax',
)
lm = LoginManager()
lm.login_view = 'web.login'