Set SESSION_COOKIE_SECURE=True for live.

2026-04-12 13:20:43 -04:00 · 2016-01-28 15:01:44 +00:00
parent 32de812e6d
commit 5a17bba97e
2 changed files with 3 additions and 1 deletions
--- a/app/its_dangerous_session.py
+++ b/app/its_dangerous_session.py
@@ -47,4 +47,4 @@ class ItsdangerousSessionInterface(SessionInterface):
        val = self.get_serializer(app).dumps(dict(session))
        response.set_cookie(app.session_cookie_name, val,
                            expires=expires, httponly=True,
-                            domain=domain)
+                            domain=domain, secure=app.config.get('SESSION_COOKIE_SECURE'))
--- a/config.py
+++ b/config.py
@@ -56,6 +56,8 @@ class Test(Development):
 class Live(Config):
    DEBUG = False
    HTTP_PROTOCOL = 'https'
+    SESSION_COOKIE_SECURE = True
+

 configs = {
    'live': Live,