Projet

Général

Profil

0002-settings-set-samesite-flag-on-cookies-when-possible-.patch

Benjamin Dauvergne, 30 novembre 2022 15:28

Télécharger (1,08 ko)

Voir les différences:

Subject: [PATCH 2/2] settings: set samesite flag on cookies when possible
 (#71880)

 src/authentic2/settings.py | 8 ++++++++
 1 file changed, 8 insertions(+)
src/authentic2/settings.py
19 19
import os
20 20

  
21 21
# Load default from Django
22
import django
22 23
from django.conf import global_settings
23 24
from django.utils.translation import gettext_lazy as _
24 25

  
......
59 60
SESSION_COOKIE_SECURE = True
60 61
CSRF_COOKIE_SECURE = True
61 62
LANGUAGE_COOKIE_SECURE = True
63
CSRF_COOKIE_SAMESITE = 'Lax'
64
if django.VERSION < (3, 1):
65
    SESSION_COOKIE_SAMESITE = 'Lax'
66
    LANGUAGE_COOKIE_SAMESITE = 'Lax'
67
else:
68
    SESSION_COOKIE_SAMESITE = 'None'
69
    LANGUAGE_COOKIE_SAMESITE = 'None'
62 70

  
63 71
# Hey Entr'ouvert is in France !!
64 72
TIME_ZONE = 'Europe/Paris'
65
-