pierrejeambrun commented on code in PR #47859:
URL: https://github.com/apache/airflow/pull/47859#discussion_r1999099855
##########
providers/fab/src/airflow/providers/fab/www/views.py:
##########
@@ -69,7 +69,9 @@ def index(self):
if g.user is not None and g.user.is_authenticated:
token = get_auth_manager().generate_jwt(g.user)
response = make_response(redirect(f"{conf.get('api',
'base_url')}", code=302))
- response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=True)
+
+ secure = bool(conf.get("api", "ssl_cert"))
+ response.set_cookie(COOKIE_NAME_JWT_TOKEN, token, secure=secure)
Review Comment:
Indeed, that could also be a solution. I think this brings also questions
about ssl termination point and header forwarding. That's harder to test and
would require a bit more investigation to be honest so I think we can go with
what we have at first, just to unblock safari and later we can always improve
that when we have more time to spend on it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
