From 3ff0af7c7a5b02b068ba287a7f55bd1b72ba6888 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Brunner?= Date: Thu, 5 Jul 2018 12:49:46 +0200 Subject: [PATCH] Send cookies only on https --- geoportal/c2cgeoportal_geoportal/lib/authentication.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/geoportal/c2cgeoportal_geoportal/lib/authentication.py b/geoportal/c2cgeoportal_geoportal/lib/authentication.py index 566e0c1797..ccad1f0dcc 100644 --- a/geoportal/c2cgeoportal_geoportal/lib/authentication.py +++ b/geoportal/c2cgeoportal_geoportal/lib/authentication.py @@ -45,7 +45,7 @@ def create_authentication(settings): callback=defaultgroupsfinder, cookie_name=settings["authtkt_cookie_name"], timeout=timeout, max_age=timeout, reissue_time=reissue_time, - hashalg="sha512", http_only=True + hashalg="sha512", http_only=True, secure=True, ) basic_authentication_policy = BasicAuthAuthenticationPolicy(c2cgeoportal_check) policies = [cookie_authentication_policy, basic_authentication_policy]