HUE-9518 [session] ability to change the csrf cookie age from default 1yr

Review Request #15526 — Created Oct. 27, 2020 and submitted

quadoss
hue
master
HUE-9518
hue
asnaik, johan, ranade, romain, weixia, yingc
commit 0a7148271e5d76dbbc006102ca2d089150dbdac6
Author: Mahesh Balakrishnan <mbalakrishnan@cloudera.com>
Date:   Tue Oct 27 15:53:34 2020 -0700

    HUE-9518 [session] ability to change the csrf cookie age from default 1yr

:100644 100644 27e0e14e2f 86dba8b546 M	desktop/core/src/desktop/conf.py
:100644 100644 a3bb575f82 040562974f M	desktop/core/src/desktop/settings.py

Manual testing as this was provided to a customer as a patch and got confirmation that it fixed the issue for them.

romain
  1. Nice!

    And defaut is indeed 1 year so we are good.
    https://docs.djangoproject.com/en/3.1/ref/settings/#csrf-cookie-age

    Would also be nice to add to the inis:
    https://github.com/cloudera/hue/blob/master/desktop/conf/pseudo-distributed.ini.tmpl#L677
    https://github.com/cloudera/hue/blob/master/desktop/conf.dist/hue.ini#L675

  2. 
      
quadoss
Review request changed

Status: Closed (submitted)

Loading...