Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be able to configure the cookie same site #5124

Merged
merged 1 commit into from
Jul 2, 2019
Merged

Be able to configure the cookie same site #5124

merged 1 commit into from
Jul 2, 2019

Conversation

sbrunner
Copy link
Member

@sbrunner sbrunner commented Jul 2, 2019

No description provided.

@sbrunner sbrunner added this to the 2.5 milestone Jul 2, 2019
@camptocamp camptocamp deleted a comment Jul 2, 2019
@sbrunner sbrunner requested a review from pvalsecc July 2, 2019 12:46
@sbrunner sbrunner marked this pull request as ready for review July 2, 2019 12:46
pvalsecc
pvalsecc approved these changes Jul 2, 2019
View reviewed changes
geoportal/c2cgeoportal_geoportal/lib/authentication.py
from pyramid_multiauth import MultiAuthenticationPolicy

from c2cgeoportal_geoportal.resources import defaultgroupsfinder

LOG = logging.getLogger(__name__)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not used...

@sbrunner sbrunner merged commit 8fe27a4 into master Jul 2, 2019
@sbrunner sbrunner deleted the cross-site-auth branch July 2, 2019 14:55
arnaud-morvan
arnaud-morvan reviewed Jul 2, 2019
View reviewed changes
geoportal/c2cgeoportal_geoportal/lib/authentication.py
callback=defaultgroupsfinder,
cookie_name=settings["authtkt_cookie_name"],
samesite=samesite is None if samesite == '' else samesite,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

samesite == '' => samesite is None == False
So it could be simplified to:

False if samesite == '' else samesite

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oups thanks :-)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

=> #5127

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But False is not a correct value for samesite:

samesite

    Default: 'Lax'. The 'samesite' option of the session cookie. Set the value to None to turn off the samesite option.

So it should be correct and really simpler with:

samesite=samesite or None

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: for boolean settings it would be better to use pyramid.settings.asbool

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arnaud-morvan arnaud-morvan arnaud-morvan left review comments

@pvalsecc pvalsecc pvalsecc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.5
Development

Successfully merging this pull request may close these issues.
3 participants
@sbrunner @pvalsecc @arnaud-morvan