Verified Commit b9a642da authored by shibayashi's avatar shibayashi

Add Secure and SameSite cookie flags

parent 5ffaa2bf
......@@ -24,7 +24,8 @@ config :pleroma, Pleroma.Web.Endpoint,
protocol: "https",
secret_key_base: "aK4Abxf29xU9TTDKre9coZPUgevcVCFQJe/5xP/7Lt4BEif6idBIbjupVbOrbKxl",
render_errors: [view: Pleroma.Web.ErrorView, accepts: ~w(json)],
pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2]
pubsub: [name: Pleroma.PubSub, adapter: Phoenix.PubSub.PG2],
secure_cookie_flag: true
# Configures Elixir's Logger
config :logger, :console,
......
......@@ -49,7 +49,9 @@ defmodule Pleroma.Web.Endpoint do
Plug.Session,
store: :cookie,
key: "_pleroma_key",
signing_salt: "CqaoopA2"
signing_salt: "CqaoopA2",
secure: Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
extra: "SameSite=Lax"
)
plug(Pleroma.Web.Router)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment