Edgewall Software

Ticket #5910: 5910-secure-auth-cookie-r7510.patch

File 5910-secure-auth-cookie-r7510.patch, 893 bytes (added by rblank, 4 years ago)

Patch against 0.11-stable adding an option to set the secure flag on the trac_auth cookie

  • trac/web/auth.py

    diff --git a/trac/web/auth.py b/trac/web/auth.py
    a b  
    5959    ignore_case = BoolOption('trac', 'ignore_auth_case', 'false', 
    6060        """Whether login names should be converted to lower case 
    6161        (''since 0.9'').""") 
     62 
     63    secure_auth_cookie = BoolOption('trac', 'secure_auth_cookie', 'false', 
     64        """When true, set the `secure` flag on the `trac_auth` authentication 
     65        cookie so that it is only sent back on HTTPS connections 
     66        (''since 0.11.2'').""") 
    6267 
    6368    # IAuthenticator methods 
    6469 
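Review bot: The docstring at new lines 63-66 does not tell the administrator when the option is safe to enable, and the default of 'false' means an HTTPS-only site keeps issuing `trac_auth` without the `secure` flag until someone finds the setting. Suggest extending the text to say that the option should be enabled on sites served only over HTTPS, and that on a site still reachable over plain HTTP the browser will not send the cookie back, so logins there will appear not to persist.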
     
    144149        req.authname = remote_user 
    145150        req.outcookie['trac_auth'] = cookie 
    146151        req.outcookie['trac_auth']['path'] = req.base_path or '/' 
     152        if self.secure_auth_cookie: 
     153            req.outcookie['trac_auth']['secure'] = True 
    147154 
    148155    def _do_logout(self, req): 
    149156        """Log the user out.
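Review bot: At new lines 152-153 the `secure` attribute is set purely from the option, with no check of whether the current request actually arrived over HTTPS. If `secure_auth_cookie` is true and a user logs in over plain HTTP, the cookie is issued in cleartext once and then never returned by the browser, so the login fails silently. Consider logging a warning in that case so the misconfiguration is visible to the administrator. A short comment above the `if` explaining why the flag is set would also help.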