Add Secure and SameSite cookie flags
This commit is contained in:
parent
5ffaa2bf69
commit
b9a642da1e
2 changed files with 5 additions and 2 deletions
|
@ -24,7 +24,8 @@ config :pleroma, Pleroma.Web.Endpoint,
|
|||
protocol: "https",
|
||||
secret_key_base: "aK4Abxf29xU9TTDKre9coZPUgevcVCFQJe/5xP/7Lt4BEif6idBIbjupVbOrbKxl",
|
||||
render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)],
|
||||
pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2]
|
||||
pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2],
|
||||
secure_cookie_flag: true
|
||||
|
||||
# Configures Elixir's Logger
|
||||
config :logger, :console,
|
||||
|
|
|
@ -49,7 +49,9 @@ defmodule Pleroma.Web.Endpoint do
|
|||
Plug.Session,
|
||||
store: :cookie,
|
||||
key: "_pleroma_key",
|
||||
signing_salt: "CqaoopA2"
|
||||
signing_salt: "CqaoopA2",
|
||||
secure: Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
|
||||
extra: "SameSite=Lax"
|
||||
)
|
||||
|
||||
plug(Pleroma.Web.Router)
|
||||
|
|
Loading…
Reference in a new issue