pkgs/by-name/la/lasuite-meet/secure_settings.patch at python-updates

tjh.dev / nixpkgs

fork atom

nixpkgs mirror (for testing) github.com/NixOS/nixpkgs

nix

fork atom

nixpkgs / pkgs / by-name / la / lasuite-meet / secure_settings.patch

at python-updates 52 lines 2.1 kB view raw

wrap content

 1From d7bbf24df5eecb61caebdf55b0d26da60a9d9609 Mon Sep 17 00:00:00 2001
 2From: soyouzpanda <soyouzpanda@soyouzpanda.fr>
 3Date: Fri, 16 May 2025 23:41:12 +0200
 4Subject: [PATCH 1/2] =?UTF-8?q?=F0=9F=94=A7(backend)=20allow=20SECURE=20en?=
 5 =?UTF-8?q?vironment=20variables=20to=20be=20configured?=
 6MIME-Version: 1.0
 7Content-Type: text/plain; charset=UTF-8
 8Content-Transfer-Encoding: 8bit
 9
10---
11 meet/settings.py | 19 ++++++++++++-------
12 1 file changed, 12 insertions(+), 7 deletions(-)
13
14diff --git a/meet/settings.py b/meet/settings.py
15index ebb0837..9c67986 100755
16--- a/meet/settings.py
17+++ b/meet/settings.py
18@@ -755,19 +755,24 @@ class Production(Base):
19     # - Your proxy sets the X-Forwarded-Proto header and sends it to Django
20     #
21     # In other cases, you should comment the following line to avoid security issues.
22-    SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
23-    SECURE_HSTS_SECONDS = 60
24-    SECURE_HSTS_PRELOAD = True
25-    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
26-    SECURE_SSL_REDIRECT = True
27+    SECURE_PROXY_SSL_HEADER = values.TupleValue(("HTTP_X_FORWARDED_PROTO", "https"),
28+                                                environ_name="SECURE_PROXY_SSL_HEADER")
29+    SECURE_HSTS_SECONDS = values.IntegerValue(
30+        60, environ_name="SECURE_HSTS_SECONDS")
31+    SECURE_HSTS_PRELOAD = values.BooleanValue(
32+        True, environ_name="SECURE_HSTS_PRELOAD")
33+    SECURE_HSTS_INCLUDE_SUBDOMAINS = values.BooleanValue(
34+        True, environ_name="SECURE_HSTS_INCLUDE_SUBDOMAINS")
35+    SECURE_SSL_REDIRECT = values.BooleanValue(
36+        True, environ_name="SECURE_SSL_REDIRECT")
37     SECURE_REDIRECT_EXEMPT = [
38         "^__lbheartbeat__",
39         "^__heartbeat__",
40     ]
41 
42     # Modern browsers require to have the `secure` attribute on cookies with `Samesite=none`
43-    CSRF_COOKIE_SECURE = True
44-    SESSION_COOKIE_SECURE = True
45+    CSRF_COOKIE_SECURE = values.BooleanValue(True, environ_name="CSRF_COOKIE_SECURE")
46+    SESSION_COOKIE_SECURE = values.BooleanValue(True, environ_name="SESSION_COOKIE_SECURE")
47 
48     # Privacy
49     SECURE_REFERRER_POLICY = "same-origin"
50-- 
512.47.2
52