Make secure_flag environment var default to Enforce HTTPs

Also wraps parse_boolean around the os.get call for the secure_flag variable
2024-11-06 17:15:17 +00:00 · 2016-04-20 11:01:37 -05:00 · 2016-04-20 11:01:37 -05:00 · c19a0209eb
commit c19a0209eb
parent 17ca702cb3
1 changed files with 1 additions and 1 deletions
--- a/redash/settings.py
+++ b/redash/settings.py
@ -122,7 +122,7 @@ STATIC_ASSETS_PATHS = [fix_assets_path(path) for path in os.environ.get("REDASH_

 JOB_EXPIRY_TIME = int(os.environ.get("REDASH_JOB_EXPIRY_TIME", 3600 * 6))
 COOKIE_SECRET = os.environ.get("REDASH_COOKIE_SECRET", "c292a0a3aa32397cdb050e233733900f")
-SESSION_COOKIE_SECURE = os.environ.get("REDASH_SESSION_COOKIE_SECURE", False)
+SESSION_COOKIE_SECURE = parse_boolean(os.environ.get("REDASH_SESSION_COOKIE_SECURE") or str(ENFORCE_HTTPS))

 LOG_LEVEL = os.environ.get("REDASH_LOG_LEVEL", "INFO")