fix dla xiastek not secure

2025-07-26 23:41:26 +02:00
parent 4cea094465
commit e5e498a5a9
1 changed files with 15 additions and 12 deletions
--- a/app.py
+++ b/app.py
@@ -77,18 +77,21 @@ if app.config.get("ENABLE_CSP", True):

 permissions_policy = {"browsing-topics": "()"} if app.config["ENABLE_PP"] else None

-talisman = Talisman(
-    app,
-    force_https=False,
-    strict_transport_security=app.config.get("ENABLE_HSTS", True),
-    frame_options="DENY" if app.config.get("ENABLE_XFO", True) else None,
-    permissions_policy=permissions_policy,
-    content_security_policy=csp_policy,
-    x_content_type_options=app.config.get("ENABLE_XCTO", True),
-    strict_transport_security_include_subdomains=False,
-    referrer_policy=app.config.get("REFERRER_POLICY"),
+talisman_kwargs = {
+    "force_https": False,
+    "strict_transport_security": app.config.get("ENABLE_HSTS", True),
+    "frame_options": "DENY" if app.config.get("ENABLE_XFO", True) else None,
+    "permissions_policy": permissions_policy,
+    "content_security_policy": csp_policy,
+    "x_content_type_options": app.config.get("ENABLE_XCTO", True),
+    "strict_transport_security_include_subdomains": False,
+    "session_cookie_secure": app.config["SESSION_COOKIE_SECURE"],
+}

-)
+if app.config.get("REFERRER_POLICY"):
+    talisman_kwargs["referrer_policy"] = app.config["REFERRER_POLICY"]
+
+talisman = Talisman(app, **talisman_kwargs)

 register_heif_opener()  # pillow_heif dla HEIC

@@ -990,7 +993,7 @@ def login():
        if user and check_password_hash(user.password_hash, request.form["password"]):
            session.permanent = True
            login_user(user)
-            session["logged"] = True 
+            #session["logged"] = True 
            flash("Zalogowano pomyślnie", "success")
            return redirect(url_for("main_page"))
        flash("Nieprawidłowy login lub hasło", "danger")