Files
@ 43ad9c3b7d5d
Branch filter:
Location: kallithea/docs/api/models.rst - annotation
43ad9c3b7d5d
632 B
text/prs.fallenstein.rst
middleware: use secure cookies over secure connections
HTTP cookie spec defines secure cookies, which are transmitted only over secure
connections (HTTPS). Using them helps protect against some attacks, but cookies
shouldn't be made secure when we don't have HTTPS configured. As it is now, it's
left at user's discretion, but probably it's a good idea to force secure cookies
when they can be used.
In the current implementation, cookies are issued to users before they actually
try to log in, on the first page load. So if that happens over HTTPS, it's
probably safe to assume secure cookies can be used, and to default to normal
"insecure" cookies if HTTPS isn't available.
It's not easy to sneak into Beaker's internals, and it doesn't support selective
secureness, so we use our own wrapper around Beaker's SessionMiddleware class to
give secure cookies over HTTPS connections. Beaker's built-in mechanism for
secure cookies is forced to add the flag when needed only.
HTTP cookie spec defines secure cookies, which are transmitted only over secure
connections (HTTPS). Using them helps protect against some attacks, but cookies
shouldn't be made secure when we don't have HTTPS configured. As it is now, it's
left at user's discretion, but probably it's a good idea to force secure cookies
when they can be used.
In the current implementation, cookies are issued to users before they actually
try to log in, on the first page load. So if that happens over HTTPS, it's
probably safe to assume secure cookies can be used, and to default to normal
"insecure" cookies if HTTPS isn't available.
It's not easy to sneak into Beaker's internals, and it doesn't support selective
secureness, so we use our own wrapper around Beaker's SessionMiddleware class to
give secure cookies over HTTPS connections. Beaker's built-in mechanism for
secure cookies is forced to add the flag when needed only.
64a5386216c5 bb35ad076e2f 17c9393e9645 bb35ad076e2f bb35ad076e2f bb35ad076e2f 7e5f8c12a3fc bb35ad076e2f 8b8edfc25856 7e5f8c12a3fc 9da24750f563 8b8edfc25856 7e5f8c12a3fc 8b8edfc25856 9da24750f563 7e5f8c12a3fc bb35ad076e2f 9da24750f563 7e5f8c12a3fc 8b8edfc25856 9da24750f563 7e5f8c12a3fc 8b8edfc25856 bb35ad076e2f 499c513967a1 9da24750f563 8b8edfc25856 7e5f8c12a3fc bb35ad076e2f 8b8edfc25856 7e5f8c12a3fc 8b8edfc25856 8b8edfc25856 499c513967a1 8b8edfc25856 | .. _models:
========================
The :mod:`models` Module
========================
.. automodule:: kallithea.model
:members:
.. automodule:: kallithea.model.comment
:members:
.. automodule:: kallithea.model.notification
:members:
.. automodule:: kallithea.model.permission
:members:
.. automodule:: kallithea.model.repo_permission
:members:
.. automodule:: kallithea.model.repo
:members:
.. automodule:: kallithea.model.repo_group
:members:
.. automodule:: kallithea.model.scm
:members:
.. automodule:: kallithea.model.user
:members:
.. automodule:: kallithea.model.user_group
:members:
|