From 50521629f002145d3a8371826e3ec05825371395 Mon Sep 17 00:00:00 2001
From: Till Maas <opensource@till.name>
Date: Wed, 4 Feb 2015 13:20:36 +0100
Subject: [PATCH] Make pkgdb2 session cookie secure

---
 roles/pkgdb2/templates/pkgdb2.cfg | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/pkgdb2/templates/pkgdb2.cfg b/roles/pkgdb2/templates/pkgdb2.cfg
index cd8e862dd2..5e43862a19 100644
--- a/roles/pkgdb2/templates/pkgdb2.cfg
+++ b/roles/pkgdb2/templates/pkgdb2.cfg
@@ -107,3 +107,6 @@ MAIL_ADMIN = 'pingou@fedoraproject.org'
 
 # This is required to fix login
 PREFERRED_URL_SCHEME='https'
+
+# Make browsers send session cookie only via HTTPS
+SESSION_COOKIE_SECURE = True