lub
/
mailu
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
mailu/docs
History
bors[bot] 464e46b02b
Merge 
1765: Set sensible cookie flags on the admin app r=mergify[bot] a=nextgens

## What type of PR?

Bugfix

## What does this PR do?

It sets the right flags on the session cookie issued by the admin app.
This should probably be backported as the lack of secure flag on TLS-enabled setup is a high risk vulnerability.

SameSite is hardening / helps against CSRF on modern browsers
HTTPOnly is hardening / helps reduce the impact of XSS

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
..
_templates Restore VERSION_TAG template
assets removing unneeded image
compose Fixing documentation minor typo
contributors fixed workflow example in documentation
kubernetes Update webmail.yaml
swarm add some docs about _FILE variables
.env Add deploy settings for server
Dockerfile Docs: treat warnings as errors
antispam.rst Add documentation for the web administration gui.
cli.rst Docs: fix some build warnings
conf.py Completely remove step 5 where you can set the replica count for docker-stack.
configuration.rst Add a new knob as discussed on matrix with lub
database.rst Update database.rst
demo.rst Fixed small typo
dns.rst Update docs/dns.rst
docker-compose.yml Make docker-compose.yml for setup and docs development friendly
faq.rst Merge
features.rst remove service status "feature"
general.rst Fix the rst syntax for most documentation
index.rst Add documentation for the web administration gui.
maintain.rst Include a doc section for external certbot
nginx.conf Build the documentation as a Docker image
releases.rst rewording about the usage of PostgreSQL
requirements.txt Revert "Add a Dockerfile for buliding the docs"
reverse.rst add warning about removing front
rpi_build.rst RPi: update doc (alpine version + variables)
setup.rst Preparations for 1.8 release.
webadministration.rst Update docs/webadministration.rst