author | Gina Häußge <gina@octoprint.org> | 2022-10-12 16:09:41 +0300 |
---|---|---|
committer | Gina Häußge <gina@octoprint.org> | 2022-10-12 16:09:41 +0300 |
commit | 9416cf17bc1801cba09dd63da47bf30367138cd4 (patch) | |
tree | fd6e1013f0ae5c5bbd8ffade2568c00322fc29c5 | |
parent | ecd9dcf6ecf52976471ca52eb031508bc2992ee3 (diff) |
🚸 Default to secure cookie setting on https
-rw-r--r-- | src/octoprint/server/util/flask.py | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/octoprint/server/util/flask.py b/src/octoprint/server/util/flask.py
index 132663df5..569d51a19 100644
--- a/src/octoprint/server/util/flask.py
+++ b/src/octoprint/server/util/flask.py
@@ -588,7 +588,9 @@ class OctoPrintFlaskResponse(flask.Response):
 kwargs["samesite"] = samesite

 # set secure if necessary
- kwargs["secure"] = settings().getBoolean(["server", "cookies", "secure"])
+ kwargs["secure"] = flask.request.environ.get(
+ "wsgi.url_scheme"
+ ) == "https" or settings().getBoolean(["server", "cookies", "secure"])

 # tie account properties to remember me cookie (e.g. current password hash)
 if key == current_app.config.get("REMEMBER_COOKIE_NAME", REMEMBER_COOKIE_NAME): |
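Review bot: The new `kwargs["secure"]` assignment treats `wsgi.url_scheme` as the only signal that the client connection is HTTPS, and the `# set secure if necessary` comment above it does not say where that value comes from when TLS is terminated at a reverse proxy. If the proxy's forwarded scheme is not mapped into the WSGI environ before this code runs, the check sees `http` and the cookie is still issued without `Secure` unless `server.cookies.secure` is set. The comment should state that, for example `# secure on HTTPS requests (scheme as seen by WSGI, after any reverse-proxy handling) or when forced via server.cookies.secure`. The expression would also read more clearly as `kwargs["secure"] = flask.request.is_secure or settings().getBoolean(["server", "cookies", "secure"])`, which relies on Werkzeug's property over the same scheme value. The enclosing method starts and ends outside the hunk, so whether a request context is always active at this point cannot be confirmed from the page.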