From c19a0209ebd77b67166c2eeba3abe7e3546895cc Mon Sep 17 00:00:00 2001 From: Raymond Machira Date: Wed, 20 Apr 2016 11:01:37 -0500 Subject: [PATCH] Make secure_flag environment var default to Enforce HTTPs Also wraps parse_boolean around the os.get call for the secure_flag variable --- redash/settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/redash/settings.py b/redash/settings.py index b4abb2f5..7e567cbf 100644 --- a/redash/settings.py +++ b/redash/settings.py @@ -122,7 +122,7 @@ STATIC_ASSETS_PATHS = [fix_assets_path(path) for path in os.environ.get("REDASH_ JOB_EXPIRY_TIME = int(os.environ.get("REDASH_JOB_EXPIRY_TIME", 3600 * 6)) COOKIE_SECRET = os.environ.get("REDASH_COOKIE_SECRET", "c292a0a3aa32397cdb050e233733900f") -SESSION_COOKIE_SECURE = os.environ.get("REDASH_SESSION_COOKIE_SECURE", False) +SESSION_COOKIE_SECURE = parse_boolean(os.environ.get("REDASH_SESSION_COOKIE_SECURE") or str(ENFORCE_HTTPS)) LOG_LEVEL = os.environ.get("REDASH_LOG_LEVEL", "INFO")