BBlack has uploaded a new change for review.
https://gerrit.wikimedia.org/r/284110
Change subject: secure WMF-Last-Access cookie
......................................................................
secure WMF-Last-Access cookie
Note I did this before, but stupidly only changed the varnish4
case, back in commit 80327148
Bug: T119576
Change-Id: I9b019f4fd5484d21fe733b64ada0f4bf267b7f2c
---
M templates/varnish/analytics.inc.vcl.erb
1 file changed, 2 insertions(+), 2 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/operations/puppet
refs/changes/10/284110/1
diff --git a/templates/varnish/analytics.inc.vcl.erb
b/templates/varnish/analytics.inc.vcl.erb
index ca2eba1..fa2bd78 100644
--- a/templates/varnish/analytics.inc.vcl.erb
+++ b/templates/varnish/analytics.inc.vcl.erb
@@ -52,7 +52,7 @@
* header.append(resp.http.Set-Cookie,
* "WMF-Last-Access="
* + req.http.X-NowDay
- * + ";Path=/;HttpOnly;Expires="
+ * + ";Path=/;HttpOnly;secure;Expires="
* + (now + 32d)
* );
* However, varnish3 is buggy wrt str + (time + duration), so we're forced to
@@ -65,7 +65,7 @@
Vmod_Func_header.append(sp, HDR_RESP, "\013Set-Cookie:",
"WMF-Last-Access=",
VRT_GetHdr(sp, HDR_REQ, "\011X-NowDay:"),
- ";Path=/;HttpOnly;Expires=",
+ ";Path=/;HttpOnly;secure;Expires=",
VRT_time_string(sp, (double)(
((time_t)VRT_r_now(sp) + 2764800) / 43200 * 43200
)),
--
To view, visit https://gerrit.wikimedia.org/r/284110
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I9b019f4fd5484d21fe733b64ada0f4bf267b7f2c
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: BBlack <bbl...@wikimedia.org>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
