From f05af5173089184c41c1729dc4c2fc1895ad8a55 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon
Date: Wed, 4 Feb 2015 15:27:56 +0100
Subject: [PATCH] Make the remaining flask applications send the cookie over https only
---
 roles/anitya/frontend/templates/anitya.cfg | 2 ++
 roles/mirrormanager/frontend2/templates/mirrormanager2.cfg | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/roles/anitya/frontend/templates/anitya.cfg b/roles/anitya/frontend/templates/anitya.cfg
index e0c0fba96a..20ec9bec8d 100644
--- a/roles/anitya/frontend/templates/anitya.cfg
+++ b/roles/anitya/frontend/templates/anitya.cfg
@@ -24,3 +24,5 @@ ANITYA_WEB_FEDORA_OPENID = 'https://id.fedoraproject.org'
 # This is required to fix login
 PREFERRED_URL_SCHEME='https'
+# Make browsers send session cookie only via HTTPS
+SESSION_COOKIE_SECURE=True
diff --git a/roles/mirrormanager/frontend2/templates/mirrormanager2.cfg b/roles/mirrormanager/frontend2/templates/mirrormanager2.cfg
index a56ddf9587..a792d31d81 100644
--- a/roles/mirrormanager/frontend2/templates/mirrormanager2.cfg
+++ b/roles/mirrormanager/frontend2/templates/mirrormanager2.cfg
@@ -23,7 +23,8 @@ SECRET_KEY = '{{ mirrormanager_secret_key }}'
 # This should be kept really secret!
 PASSWORD_SEED = "{{ mirrormanager_password_seed }}"
-
+# Make browsers send session cookie only via HTTPS
+SESSION_COOKIE_SECURE=True
 ###
 # Other configuration items for the web-app
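Review bot: `SESSION_COOKIE_SECURE=True` is added unconditionally to the anitya.cfg template, so any instance rendered from it that is still reachable over plain HTTP (a staging host, a proxy that does not terminate TLS) will never get its session cookie back and logins will fail without an error. The comment should state that dependency, for example `# Session cookie is marked Secure: this app must only be served over HTTPS, otherwise sessions are silently lost`. The flag covers only Flask's own session cookie and does not stop a browser from making a first plain-HTTP request, so it is worth confirming that the front end redirects HTTP to HTTPS and sends HSTS; neither is visible in this patch. The same applies to the identical addition in mirrormanager2.cfg.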