| author | jvoisin | 2018-01-15 10:27:41 +0100 |
|---|---|---|
| committer | jvoisin | 2018-01-15 10:27:41 +0100 |
| commit | 998e3261f67900ff2729c291b8814f104fb3560d (patch) | |
| tree | e028b0d740c46786149f19a3ddc7c41c1ba3021c /doc/source | |
| parent | e61e3c24152fe0a236001726baa0c9537b704100 (diff) | |
Add a note about session cookies handling.
Diffstat (limited to 'doc/source')
| -rw-r--r-- | doc/source/_static/custom.css | 6 | ||||
| -rw-r--r-- | doc/source/config.rst | 15 |
2 files changed, 15 insertions, 6 deletions
diff --git a/doc/source/_static/custom.css b/doc/source/_static/custom.css index 1c47d04..ee9a7dc 100644 --- a/doc/source/_static/custom.css +++ b/doc/source/_static/custom.css | |||
| @@ -1,4 +1,8 @@ | |||
| 1 | blockquote { | 1 | blockquote { |
| 2 | border-left: 2px solid #999; | 2 | border-left: 2px solid #999; |
| 3 | padding-left: 20px; | 3 | padding-left: 20px; |
| 4 | } \ No newline at end of file | 4 | } |
| 5 | |||
| 6 | div.body h5 { | ||
| 7 | font-size: 115%; | ||
| 8 | } | ||
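Review bot: the new `div.body h5` rule has no comment, and the commit message ("Add a note about session cookies handling.") does not mention it. If the rule exists because the heading changes to config.rst in this same commit push the deepest subsections down to a level rendered as h5, say so in a CSS comment or in the commit message, so the rule is not later removed as dead styling. The added newline at end of file is fine.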
diff --git a/doc/source/config.rst b/doc/source/config.rst index e0df244..794d8b0 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst | |||
| @@ -105,9 +105,14 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m | |||
| 105 | sp.unserialize_hmac.enable(); | 105 | sp.unserialize_hmac.enable(); |
| 106 | sp.unserialize_hmac.disable(); | 106 | sp.unserialize_hmac.disable(); |
| 107 | 107 | ||
| 108 | Cookies-related mitigations | ||
| 109 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^ | ||
| 110 | |||
| 111 | .. warning:: | ||
| 112 | Those features are **not** available for session cookies `yet <https://github.com/nbs-system/snuffleupagus/issues/122>`_. | ||
| 108 | 113 | ||
| 109 | auto_cookie_secure | 114 | auto_cookie_secure |
| 110 | ^^^^^^^^^^^^^^^^^^ | 115 | """""""""""""""""" |
| 111 | 116 | ||
| 112 | :ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default, | 117 | :ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default, |
| 113 | will automatically mark cookies as `secure | 118 | will automatically mark cookies as `secure |
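Review bot: in the added warning, "Those features" never says which features are meant, and a reader who arrives at `auto_cookie_secure`, `cookie_samesite` or `cookie_encryption` through a direct link or `:ref:` will not see the warning at all. Name the directives in the warning text, or repeat a short note under each, because someone who enables them may otherwise assume the session cookie is covered. Two smaller points: "Those" should be "These", and `yet <...>`_ creates a named hyperlink target called "yet"; the anonymous form ending in `__`, already used for the uMatrix link further down, avoids a clash if that link text is reused. The existing warning under `cookie_encryption` also leaves a blank line after `.. warning::`, while this one does not; pick one style.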
| @@ -122,7 +127,7 @@ It can either be ``enabled`` or ``disabled``. | |||
| 122 | sp.auto_cookie_secure.disable(); | 127 | sp.auto_cookie_secure.disable(); |
| 123 | 128 | ||
| 124 | cookie_samesite | 129 | cookie_samesite |
| 125 | ^^^^^^^^^^^^^^^^ | 130 | """"""""""""""" |
| 126 | 131 | ||
| 127 | :ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite | 132 | :ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite |
| 128 | <https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to | 133 | <https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to |
| @@ -145,7 +150,7 @@ It can either be set to ``strict`` or ``lax``: | |||
| 145 | .. _cookie-encryption_config: | 150 | .. _cookie-encryption_config: |
| 146 | 151 | ||
| 147 | cookie_encryption | 152 | cookie_encryption |
| 148 | ^^^^^^^^^^^^^^^^^ | 153 | """"""""""""""""" |
| 149 | 154 | ||
| 150 | .. warning:: | 155 | .. warning:: |
| 151 | 156 | ||
| @@ -166,7 +171,7 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m | |||
| 166 | 171 | ||
| 167 | 172 | ||
| 168 | Removing the user-agent part | 173 | Removing the user-agent part |
| 169 | """""""""""""""""""""""""""" | 174 | ............................ |
| 170 | 175 | ||
| 171 | Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__ | 176 | Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__ |
| 172 | might be configured to change the user-agent on a regular basis. If you think that | 177 | might be configured to change the user-agent on a regular basis. If you think that |
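Review bot: the switch from `"` to `.` on this underline is needed because `"` is now the level used by `cookie_encryption`, but the same holds for every other `"`-underlined subsection in config.rst. This diff only touches "Removing the user-agent part" and "Choosing the proper environment variable"; check the rest of the file for `"` headings outside the cookies section, since any left unchanged will now render at the same level as the `cookie_*` directives, and reStructuredText will reject a level that is skipped. The heading restructuring is also not mentioned in the commit message and would be easier to review as its own commit.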
| @@ -181,7 +186,7 @@ proper configuration directive. | |||
| 181 | .. _env-var-config: | 186 | .. _env-var-config: |
| 182 | 187 | ||
| 183 | Choosing the proper environment variable | 188 | Choosing the proper environment variable |
| 184 | """""""""""""""""""""""""""""""""""""""" | 189 | ........................................ |
| 185 | 190 | ||
| 186 | It's up to you to choose a meaningful environment variable to derive the key from. | 191 | It's up to you to choose a meaningful environment variable to derive the key from. |
| 187 | Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_ | 192 | Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_ |
