- **summary**: improve session cookie handling --> improve session cookie
handling NEEDS CONFIG CHANGES
- **Comment**:
for deployment/changelog:
- add `session.jwt_secret_keys` to .ini file, with a value `python -c 'import
secrets; print(secrets.token_hex());'`
- `session.type = cookie` is no
---
** [tickets:#8526] improve session cookie handling**
**Status:** in-progress
**Milestone:** unreleased
**Labels:** security
**Created:** Wed Nov 15, 2023 07:48 PM UTC by Dave Brondsema
**Last Updated:** Wed Nov 15, 2023 07:48 PM UTC
**Owner:** Dave Brondsema
Main thing is to move away