SESSION_COOKIE_SECURE and HTTP won't work

master
Florent Daigniere 3 years ago
parent 7678365ab3
commit b48779ea70

@ -7,3 +7,15 @@
{%- block subtitle %} {%- block subtitle %}
{% trans %}to access the administration tools{% endtrans %} {% trans %}to access the administration tools{% endtrans %}
{%- endblock %} {%- endblock %}
{%+ block content %}
{% if config["SESSION_COOKIE_SECURE"] %}
<script language="javascript">
if(window.location.protocol != "https:") {
document.write('<div class="alert alert-danger" role="alert">The login form has been disabled as <b>SESSION_COOKIE_SECURE</b> is on but you are accessing Mailu over HTTP</div>');
window.stop();
}
</script>
{% endif %}
{{ super() }}
{%+ endblock %}

@ -0,0 +1 @@
Disable the login page if SESSION_COOKIE_SECURE is incompatible with how Mailu is accessed as this seems to be a common misconfiguration.
Loading…
Cancel
Save