facf6073e5
* web-apps(back): Introduce APP_SECURE_COOKIES var Expose a new APP_SECURE_COOKIES env variable that will configure whether the web apps should set Secure cookies or not. This will allow the admins to configure the web apps to work when Kubeflow is exposed over localhost/http. Signed-off-by: Kimonas Sotirchos <kimwnasptd@arrikto.com> * web-apps(back): Switch CSRF checks order The order the backend makes the CSRF checks should be the following: 1. check if the CSRF cookie is present 2. check if the CSRF header is present 3. check if the CSRF cookie and header have the same value Signed-off-by: Kimonas Sotirchos <kimwnasptd@arrikto.com> * web-apps: Set APP_SECURE_COOKIES to false in dev When running the web apps via the makefiles in dev mode we will need to explicitly set the APP_SECURE_COOKIES env var to False, since the app will be served over http. Signed-off-by: Kimonas Sotirchos <kimwnasptd@arrikto.com> |
||
|---|---|---|
| .. | ||
| app | ||
| Makefile | ||
| entrypoint.py | ||
| requirements.txt | ||