alex/voyage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Set SESSION_COOKIE_SAMESITE to 'Lax' for improved security

Browse Source
This commit is contained in:
Sean Morley
2025-02-16 15:35:10 -05:00
parent 670e499d8f
commit 2713b3640f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/server/main/settings.py
View File

@@ -131,7 +131,7 @@ USE_TZ = True
unParsedFrontenedUrl = getenv('FRONTEND_URL', 'http://localhost:3000') unParsedFrontenedUrl = getenv('FRONTEND_URL', 'http://localhost:3000')
FRONTEND_URL = unParsedFrontenedUrl.translate(str.maketrans('', '', '\'"')) FRONTEND_URL = unParsedFrontenedUrl.translate(str.maketrans('', '', '\'"'))
SESSION_COOKIE_SAMESITE = None SESSION_COOKIE_SAMESITE = 'Lax'
SESSION_COOKIE_SECURE = FRONTEND_URL.startswith('https') SESSION_COOKIE_SECURE = FRONTEND_URL.startswith('https')