From 505bb79a78203da87cde5f9f3b31c579f3bcfac1 Mon Sep 17 00:00:00 2001
From: Florent Daigniere <nextgens@freenetproject.org>
Date: Mon, 14 Nov 2022 15:03:57 +0100
Subject: [PATCH] Don't set the secure Cookie flag if TLS_FLAVOR=notls

---
 core/admin/mailu/sso/views/base.py | 2 +-
 core/admin/mailu/utils.py          | 2 +-
 core/admin/run_dev.sh              | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/core/admin/mailu/sso/views/base.py b/core/admin/mailu/sso/views/base.py
index 6fa9403f..a4218ac6 100644
--- a/core/admin/mailu/sso/views/base.py
+++ b/core/admin/mailu/sso/views/base.py
@@ -39,7 +39,7 @@ def login():
             flask.session.regenerate()
             flask_login.login_user(user)
             response = flask.redirect(destination)
-            response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'), secure=app.config['SESSION_COOKIE_SECURE'], httponly=True)
+            response.set_cookie('rate_limit', utils.limiter.device_cookie(username), max_age=31536000, path=flask.url_for('sso.login'), secure=False if app.config['TLS_FLAVOR'] == 'notls' else app.config['SESSION_COOKIE_SECURE'], httponly=True)
             flask.current_app.logger.info(f'Login succeeded for {username} from {client_ip} pwned={form.pwned.data}.')
             if msg := utils.isBadOrPwned(form):
                 flask.flash(msg, "error")
diff --git a/core/admin/mailu/utils.py b/core/admin/mailu/utils.py
index f160fe3f..a330a7d6 100644
--- a/core/admin/mailu/utils.py
+++ b/core/admin/mailu/utils.py
@@ -408,7 +408,7 @@ class MailuSessionInterface(SessionInterface):
                 httponly=self.get_cookie_httponly(app),
                 domain=self.get_cookie_domain(app),
                 path=self.get_cookie_path(app),
-                secure=self.get_cookie_secure(app),
+                secure=False if app.config['TLS_FLAVOR'] == 'notls' else self.get_cookie_secure(app),
                 samesite=self.get_cookie_samesite(app)
             )
 
diff --git a/core/admin/run_dev.sh b/core/admin/run_dev.sh
index 4ab76e74..65841f2c 100755
--- a/core/admin/run_dev.sh
+++ b/core/admin/run_dev.sh
@@ -68,12 +68,12 @@ ENV \
     FLASK_ENV="development" \
     MEMORY_SESSIONS="true" \
     RATELIMIT_STORAGE_URL="memory://" \
-    SESSION_COOKIE_SECURE="false" \
     \
     DEBUG="true" \
     DEBUG_PROFILER="${DEV_PROFILER}" \
     DEBUG_ASSETS="/app/static" \
     DEBUG_TB_ENABLED="true" \
+    DEBUG_TB_INTERCEPT_REDIRECTS=False \
     \
     IMAP_ADDRESS="127.0.0.1" \
     POP3_ADDRESS="127.0.0.1" \