Thanks, patch applied. On Wed, May 9, 2018 at 8:33 AM, Murtuza Zabuawala < murtuza.zabuaw...@enterprisedb.com> wrote:
> Hi, > > PFA minor patch to make to make session cookie more secure in Server mode. > We will set SESSION_COOKIE_SAMESITE > <http://flask.pocoo.org/docs/1.0/config/#SESSION_COOKIE_SAMESITE>='Lax' > in the config file. > 'Lax' option prevents sending cookies with CSRF-prone requests from > external sites, such as submitting a form. > RM#3342 > > P > lease review. > > > -- > Regards, > Murtuza Zabuawala > EnterpriseDB: http://www.enterprisedb.com > The Enterprise PostgreSQL Company > > -- Dave Page Blog: http://pgsnake.blogspot.com Twitter: @pgsnake EnterpriseDB UK: http://www.enterprisedb.com The Enterprise PostgreSQL Company
