Home > mailing lists

[pgAdmin4] To make session cookie more secure (Server mode) - Mailing list pgadmin-hackers

From	Murtuza Zabuawala
Subject	[pgAdmin4] To make session cookie more secure (Server mode)
Date	May 9, 2018 13:33:53
Msg-id	CAKKotZRrRNhZNi1O-MjG2QkfiD+gjkZ_3cBE+bRXp+JqcrsAdA@mail.gmail.com Whole thread Raw
Responses	Re: [pgAdmin4] To make session cookie more secure (Server mode) (Dave Page <dpage@pgadmin.org>)
List	pgadmin-hackers

Tree view

Hi,

PFA minor patch to make to make session cookie more secure in Server mode.

We will set SESSION_COOKIE_SAMESITE='Lax' in the config file.

'Lax' option prevents sending cookies with CSRF-prone requests from external sites, such as submitting a form.

RM#3342

lease review.

Regards,

Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Attachment

RM_3342.diff

pgadmin-hackers by date:

From: Akshay Joshi
Date: 09 May 2018, 13:10:14
Subject: Re: [pgAdmin4][Patch] Feature #3270 Add support for runningregression tests against Firefox

From: Akshay Joshi
Date: 09 May 2018, 13:38:07
Subject: pgAdmin 4 commit: Fixed query tool keyboard issue where arrow keyswere

[pgAdmin4] To make session cookie more secure (Server mode) - Mailing list pgadmin-hackers

Attachment

Previous

Next