orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

clean up samesite docs

Browse source
This commit is contained in:
David Lord 2018-01-23 15:11:50 -08:00
parent db5735c3ce
commit 382b13581e
No known key found for this signature in database
GPG key ID: 7A1C87E3F5BC42A8
4 changed files with 33 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

12
docs/config.rst
View file

@ -210,12 +210,14 @@ The following configuration values are used internally by Flask:
.. py:data:: SESSION_COOKIE_SAMESITE
Browser will only send cookies to the domain that created them.
There are two possible values for the same-site attribute: "Strict" and "Lax"
If set to "None", the samesite flag is not set.
Restrict how cookies are sent with requests from external sites. Can
be set to ``'Lax'`` (recommended) or ``'Strict'``.
See :ref:`security-cookie`.
Default: ``None``
.. versionadded:: 1.0
.. py:data:: PERMANENT_SESSION_LIFETIME
If ``session.permanent`` is true, the cookie's expiration will be set this
@ -369,13 +371,15 @@ The following configuration values are used internally by Flask:
``LOGGER_HANDLER_POLICY``, ``EXPLAIN_TEMPLATE_LOADING``
.. versionchanged:: 1.0
``LOGGER_NAME`` and ``LOGGER_HANDLER_POLICY`` were removed. See
:ref:`logging` for information about configuration.
Added :data:`ENV` to reflect the :envvar:`FLASK_ENV` environment
variable.
Added :data:`SESSION_COOKIE_SAMESITE` to control the session
cookie's ``SameSite`` option.
Configuring from Files
----------------------