inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-04-28 11:36:44 +00:00
Code

Fix default value for SESSION_COOKIE_SECURE (#8767) (#8769)

Browse Source 
- Default value was previously 'True'
- Documentation indicated that it was 'False'
- Value in config_template.yaml was 'False' (but commented out)

(cherry picked from commit d4ee8c53b21143bdf151010ebb3d3e27e1c3fb09)

Co-authored-by: Oliver <oliver.henry.walters@gmail.com>
This commit is contained in:
github-actions[bot] 2024-12-26 22:40:26 +11:00 committed by GitHub
parent cab7a06146
commit eed6223187
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/backend/InvenTree/InvenTree/settings.py
View File

@ -1218,7 +1218,9 @@ SESSION_COOKIE_SECURE = (
if DEBUG if DEBUG
else ( else (
SESSION_COOKIE_SAMESITE == 'None' SESSION_COOKIE_SAMESITE == 'None'
or get_boolean_setting('INVENTREE_SESSION_COOKIE_SECURE', 'cookie.secure', True) or get_boolean_setting(
'INVENTREE_SESSION_COOKIE_SECURE', 'cookie.secure', False
)
) )
) )

6
src/backend/InvenTree/config_template.yaml
View File

@ -124,9 +124,9 @@ use_x_forwarded_host: false
use_x_forwarded_port: false use_x_forwarded_port: false
# Cookie settings (nominally the default settings should be fine) # Cookie settings (nominally the default settings should be fine)
#cookie: cookie:
# secure: false secure: false
# samesite: false samesite: false
# Cross Origin Resource Sharing (CORS) settings (see https://github.com/adamchainz/django-cors-headers) # Cross Origin Resource Sharing (CORS) settings (see https://github.com/adamchainz/django-cors-headers)
cors: cors: