You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@superset.apache.org by mi...@apache.org on 2023/12/04 17:09:29 UTC

(superset) 02/16: fix(security): restore default value of SESSION_COOKIE_SECURE to False (#26005)

This is an automated email from the ASF dual-hosted git repository.

michaelsmolina pushed a commit to branch 3.0
in repository https://gitbox.apache.org/repos/asf/superset.git

commit 0c0bb50d4147ce056a84ce2133d8e653a0f0a4ef
Author: Sam Firke <sf...@users.noreply.github.com>
AuthorDate: Tue Nov 21 09:10:56 2023 -0500

    fix(security): restore default value of SESSION_COOKIE_SECURE to False (#26005)
    
    (cherry picked from commit bba7763825013689a4f4b4985b54d8802e61eef6)
---
 superset/config.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/superset/config.py b/superset/config.py
index e15c7bf990..164ea1a5be 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -1426,6 +1426,7 @@ TALISMAN_CONFIG = {
     },
     "content_security_policy_nonce_in": ["script-src"],
     "force_https": False,
+    "session_cookie_secure": False,
 }
 # React requires `eval` to work correctly in dev mode
 TALISMAN_DEV_CONFIG = {
@@ -1447,6 +1448,7 @@ TALISMAN_DEV_CONFIG = {
     },
     "content_security_policy_nonce_in": ["script-src"],
     "force_https": False,
+    "session_cookie_secure": False,
 }
 
 #