Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
Backend
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Container Registry
Analyze
Contributor analytics
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Arkindex
Backend
Merge requests
!2261
Enable HttpOnly on session cookies
Code
Review changes
Check out branch
Download
Patches
Plain diff
Merged
Enable HttpOnly on session cookies
session-httponly
into
master
Overview
0
Commits
1
Pipelines
0
Changes
1
Merged
Theo Lesage
requested to merge
session-httponly
into
master
1 year ago
Overview
0
Commits
1
Pipelines
0
Changes
1
Expand
Closes
#1721 (closed)
0
0
Merge request reports
Compare
master
version 1
27bc8232
1 year ago
master (base)
and
latest version
latest version
155974a6
1 commit,
1 year ago
version 1
27bc8232
1 commit,
1 year ago
1 file
+
0
−
2
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
arkindex/project/settings.py
+
0
−
2
Options
@@ -438,8 +438,6 @@ SESSION_COOKIE_NAME = conf["session"]["cookie_name"]
SESSION_COOKIE_DOMAIN
=
conf
[
"
session
"
][
"
cookie_domain
"
]
SESSION_COOKIE_SAMESITE
=
conf
[
"
session
"
][
"
cookie_samesite
"
].
value
SESSION_COOKIE_SECURE
=
conf
[
"
session
"
][
"
cookie_secure
"
]
# Required for authentication over websockets
SESSION_COOKIE_HTTPONLY
=
False
# When a real cache system is available, write the session to the cache
# and to the database (write-through), so that the backend can immediately checks
Loading