]> git.ipfire.org Git - ipfire.org.git/commitdiff
projects / ipfire.org.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8f9e394)
web: Set secure attribute for XSRF cookie
authorMichael Tremer <michael.tremer@ipfire.org>
Thu, 15 Feb 2024 16:12:58 +0000 (16:12 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 15 Feb 2024 16:12:58 +0000 (16:12 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/web/__init__.py patch | blob | blame | history

diff --git a/src/web/__init__.py b/src/web/__init__.py
index 3ca6d73de9d9ce1aef6d07e5a20a955c5d56c285..0ea16fcd8080aa0e5e57329cf8be45f1f0349e1d 100644 (file)
--- a/src/web/__init__.py
+++ b/src/web/__init__.py
@@ -41,6 +41,9 @@ class Application(tornado.web.Application):
 
                        # Enable XSRF cookies
                        "xsrf_cookies" : True,
+                       "xsrf_cookie_kwargs" : {
+                               "secure" : True,
+                       },
 
                        # Login
                        "login_url" : "/login",
The website of ipfire.org.