Files
@ 43ad9c3b7d5d
Branch filter:
Location: kallithea/setup.cfg - annotation
43ad9c3b7d5d
864 B
text/x-ini
middleware: use secure cookies over secure connections
HTTP cookie spec defines secure cookies, which are transmitted only over secure
connections (HTTPS). Using them helps protect against some attacks, but cookies
shouldn't be made secure when we don't have HTTPS configured. As it is now, it's
left at user's discretion, but probably it's a good idea to force secure cookies
when they can be used.
In the current implementation, cookies are issued to users before they actually
try to log in, on the first page load. So if that happens over HTTPS, it's
probably safe to assume secure cookies can be used, and to default to normal
"insecure" cookies if HTTPS isn't available.
It's not easy to sneak into Beaker's internals, and it doesn't support selective
secureness, so we use our own wrapper around Beaker's SessionMiddleware class to
give secure cookies over HTTPS connections. Beaker's built-in mechanism for
secure cookies is forced to add the flag when needed only.
HTTP cookie spec defines secure cookies, which are transmitted only over secure
connections (HTTPS). Using them helps protect against some attacks, but cookies
shouldn't be made secure when we don't have HTTPS configured. As it is now, it's
left at user's discretion, but probably it's a good idea to force secure cookies
when they can be used.
In the current implementation, cookies are issued to users before they actually
try to log in, on the first page load. So if that happens over HTTPS, it's
probably safe to assume secure cookies can be used, and to default to normal
"insecure" cookies if HTTPS isn't available.
It's not easy to sneak into Beaker's internals, and it doesn't support selective
secureness, so we use our own wrapper around Beaker's SessionMiddleware class to
give secure cookies over HTTPS connections. Beaker's built-in mechanism for
secure cookies is forced to add the flag when needed only.
564e40829f80 acaa02179aeb acaa02179aeb acaa02179aeb 564e40829f80 564e40829f80 acaa02179aeb acaa02179aeb acaa02179aeb acaa02179aeb acaa02179aeb 564e40829f80 8c1258f69892 552e47cd0f36 8c1258f69892 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 564e40829f80 564e40829f80 7e5f8c12a3fc 10df28cbcce7 ad38f9f93b3b 3483de9d11e5 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 0a48c1ec04fc 0a48c1ec04fc 0a48c1ec04fc acaa02179aeb acaa02179aeb 0a48c1ec04fc 0a48c1ec04fc 3483de9d11e5 acaa02179aeb | [egg_info]
tag_build =
tag_svn_revision = 0
tag_date = 0
[nosetests]
verbose = True
verbosity = 2
with-pylons = test.ini
detailed-errors = 1
nologcapture = 1
[pytest]
norecursedirs = .* *.egg kallithea/tests/scripts
[compile_catalog]
domain = kallithea
directory = kallithea/i18n
statistics = true
[extract_messages]
add_comments = TRANSLATORS:
output_file = kallithea/i18n/kallithea.pot
msgid-bugs-address = translations@kallithea-scm.org
copyright-holder = Various authors, licensing as GPLv3
no-wrap = true
[init_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
[update_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
previous = true
[build_sphinx]
source-dir = docs/
build-dir = docs/_build
all_files = 1
[upload_sphinx]
upload-dir = docs/_build/html
|