Fix secure session cookie
This commit is contained in:
parent
969a758a8d
commit
259779770f
|
@ -18,7 +18,7 @@ app.secret_key = config.SECRET_KEY
|
|||
|
||||
# Security?
|
||||
if config.FORCE_SSL:
|
||||
app.SESSION_COOKIE_SECURE = True
|
||||
app.config['SESSION_COOKIE_SECURE'] = True
|
||||
sslify = SSLify(app)
|
||||
|
||||
# Load all the blueprints!
|
||||
|
|
|
@ -5,7 +5,9 @@
|
|||
from flask import g, request, redirect, url_for, flash
|
||||
import re
|
||||
import os
|
||||
import json
|
||||
|
||||
import config
|
||||
from rophako import app
|
||||
from rophako.utils import template, login_required
|
||||
import rophako.model.blog as Blog
|
||||
|
@ -99,10 +101,14 @@ def legacy_url(page):
|
|||
@app.route("/ssl_test")
|
||||
@login_required
|
||||
def ssl_test():
|
||||
criteria = [
|
||||
request.is_secure,
|
||||
app.debug,
|
||||
request.headers.get("X-Forwarded-Proto", "http") == "https"
|
||||
]
|
||||
|
||||
return str(criteria)
|
||||
return "<pre>{}</pre>".format(json.dumps({
|
||||
"SSLify criteria": {
|
||||
"request.is_secure": request.is_secure,
|
||||
"app.debug": app.debug,
|
||||
"X-Forwarded-Proto is http": request.headers.get("X-Forwarded-Proto", "http") == "https",
|
||||
},
|
||||
"App Configuration": {
|
||||
"Session cookies secure": app.config["SESSION_COOKIE_SECURE"],
|
||||
"config.FORCE_SSL": config.FORCE_SSL,
|
||||
},
|
||||
}))
|
||||
|
|
Loading…
Reference in New Issue
Block a user