Skip to content

Commit

Permalink
fix: LEAP-1713: Enhance CSRF Token Security
Browse files Browse the repository at this point in the history
  • Loading branch information
@triklozoid
triklozoid committed Jan 14, 2025
1 parent 1e767ef commit a4163f3
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions label_studio/core/settings/base.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -427,6 +427,8 @@
CSRF_COOKIE_SECURE = bool(int(get_env('CSRF_COOKIE_SECURE', SESSION_COOKIE_SECURE)))
CSRF_COOKIE_HTTPONLY = bool(int(get_env('CSRF_COOKIE_HTTPONLY', SESSION_COOKIE_SECURE)))
CSRF_COOKIE_SAMESITE = get_env('CSRF_COOKIE_SAMESITE', 'Lax')
CSRF_COOKIE_AGE = int(get_env('CSRF_COOKIE_AGE', 1209600))


# Inactivity user sessions
INACTIVITY_SESSION_TIMEOUT_ENABLED = bool(int(get_env('INACTIVITY_SESSION_TIMEOUT_ENABLED', True)))
Expand Down

0 comments on commit a4163f3

Please sign in to comment.