Allow enhanced cookie protection to be disabled for compatibility with dynamically addressed hosting environments. Fixes #4566
parent
f8afe2ef94
commit
ee8fec6d7f
@ -13,6 +13,7 @@ New features
|
|||||||
| `Issue #4334 <https://redmine.postgresql.org/issues/4334>`_ - Add support for generated columns in Postgres 12+.
|
| `Issue #4334 <https://redmine.postgresql.org/issues/4334>`_ - Add support for generated columns in Postgres 12+.
|
||||||
| `Issue #4540 <https://redmine.postgresql.org/issues/4540>`_ - Use the full tab space for CodeMirror instances on dialogues where appropriate.
|
| `Issue #4540 <https://redmine.postgresql.org/issues/4540>`_ - Use the full tab space for CodeMirror instances on dialogues where appropriate.
|
||||||
| `Issue #4549 <https://redmine.postgresql.org/issues/4549>`_ - Allow a banner to be displayed on the login and other related pages showing custom text.
|
| `Issue #4549 <https://redmine.postgresql.org/issues/4549>`_ - Allow a banner to be displayed on the login and other related pages showing custom text.
|
||||||
|
| `Issue #4566 <https://redmine.postgresql.org/issues/4566>`_ - Allow enhanced cookie protection to be disabled for compatibility with dynamically addressed hosting environments.
|
||||||
|
|
||||||
Housekeeping
|
Housekeeping
|
||||||
************
|
************
|
||||||
|
@ -432,6 +432,16 @@ ALLOW_SAVE_TUNNEL_PASSWORD = False
|
|||||||
##########################################################################
|
##########################################################################
|
||||||
MASTER_PASSWORD_REQUIRED = True
|
MASTER_PASSWORD_REQUIRED = True
|
||||||
|
|
||||||
|
##########################################################################
|
||||||
|
# Allows pgAdmin4 to create session cookies based on IP address, so even
|
||||||
|
# if a cookie is stolen, the attacker will not be able to connect to the
|
||||||
|
# server using that stolen cookie.
|
||||||
|
# Note: This can cause problems when the server is deployed in dynamic IP
|
||||||
|
# address hosting environments, such as Kubernetes or behind load
|
||||||
|
# balancers. In such cases, this option should be set to False.
|
||||||
|
##########################################################################
|
||||||
|
ENHANCED_COOKIE_PROTECTION = True
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
# Local config settings
|
# Local config settings
|
||||||
##########################################################################
|
##########################################################################
|
||||||
|
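Review bot: The new comment block above `ENHANCED_COOKIE_PROTECTION = True` says when to turn the option off but not what is given up by doing so. The setting is only consulted together with `config.SERVER_MODE` in create_app, so I would add two lines to the comment: `# Only used in server mode. When set to False, sessions are no longer tied to` and `# the client address, so a stolen cookie can be replayed from another host.` Operators who disable it then know they are relying on transport security and the remaining cookie settings alone.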
@ -390,7 +390,7 @@ def create_app(app_name=None):
|
|||||||
)
|
)
|
||||||
|
|
||||||
# Make the Session more secure against XSS & CSRF when running in web mode
|
# Make the Session more secure against XSS & CSRF when running in web mode
|
||||||
if config.SERVER_MODE:
|
if config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION:
|
||||||
paranoid = Paranoid(app)
|
paranoid = Paranoid(app)
|
||||||
paranoid.redirect_view = 'browser.index'
|
paranoid.redirect_view = 'browser.index'
|
||||||
|
|
||||||
|
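Review bot: With `config.SERVER_MODE and config.ENHANCED_COOKIE_PROTECTION`, the `Paranoid(app)` setup is skipped without any trace when an operator sets the flag to False, so a server-mode instance running without session binding looks the same in the logs as a protected one. A startup warning would make that visible, for example `elif config.SERVER_MODE:` followed by `app.logger.warning('ENHANCED_COOKIE_PROTECTION is disabled; sessions are not bound to the client.')`. The comment above the condition should also name the new setting, since it still reads as if the protection is always applied in web mode. create_app starts and ends outside this hunk, so whether logging is already configured at this point needs checking.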