added cookie security stuff

This commit is contained in:
Netali 2021-05-08 07:38:33 +02:00
parent 2505bf8b3a
commit a21672c4aa
1 changed files with 3 additions and 0 deletions

View File

@ -21,6 +21,9 @@ def set_session_timeout():
def configure_app(app): def configure_app(app):
app.secret_key = secret['secret_key'] app.secret_key = secret['secret_key']
app.config['SESSION_COOKIE_SECURE'] = True
app.config['SESSION_COOKIE_HTTPONLY'] = True
app.config['SESSION_COOKIE_SAMESITE'] = 'Lax'
def init_jinja(app): def init_jinja(app):