ogcp: set default SameSite attribute in session cookie

Set the SameSite attribute to 'Lax' if not defined.

The SameSite attribute is a cross-site tracking prevention measure
and defines when cookies are sent within the HTTP headers and
the cases when they are not sent.

The 'Lax' configuration has the following features:
- Cookies are sent with same domain requests.
- Cookies are sent when the user navigates to your site by clicking
  a link or submitting a form from another site.
- Not sent with requests made from other sites such as embedded content.

Prevent browsers such as Firefox from complaining
about an undefined SameSite value.
master 1.1.3-23
Alejandro Sirgo Rica 2024-06-27 16:35:45 +02:00
parent 57b78a03bd
commit 31d6065a85
1 changed files with 4 additions and 0 deletions

@ -16,6 +16,10 @@ ogcp_cfg_path = 'cfg/ogcp.json'
app = Flask(__name__)
app.config.from_json(ogcp_cfg_path)
if 'SESSION_COOKIE_SAMESITE' not in app.config or not app.config['SESSION_COOKIE_SAMESITE']:
app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'
app.secret_key = urandom(16)
class NoScopeStatus(logging.Filter):
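
Review bot: In the added `if`, the `'SESSION_COOKIE_SAMESITE' not in app.config` half is redundant, because Flask's default configuration already defines that key as None, so the membership test never fires; `if not app.config.get('SESSION_COOKIE_SAMESITE'):` expresses the same check. The condition also overrides any falsy value loaded from cfg/ogcp.json (null or an empty string) with 'Lax', so the attribute can no longer be left unset from the config file; if that is intended, say so in a comment or in the configuration documentation. Any other value from the file is passed through unchecked, so consider rejecting anything other than 'Strict', 'Lax' or 'None' at startup, and document that browsers only accept 'None' on cookies that are also marked Secure.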