Support session encryption

Implement session encryption.
author: kkadosh 2018-05-29 19:34:16 +0000
committer: jvoisin 2018-05-29 19:34:16 +0000
commit: 7832438b7abedf567ce6376f99949f419abcdff1 (patch)
tree: 560e43918d1dc36ce4cf760a5b27aed0c563bc1c /doc
parent: 9eebe8c67e03e3041d454ea28e93996f7a67740b (diff)
4 files changed, 139 insertions, 103 deletions
diff --git a/doc/source/config.rst b/doc/source/config.rst
index d8389b6..b5bcad4 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -68,7 +68,7 @@ This configuration variable contains parameters that are used by multiple featur
  sp.global.secret_key("44239bd400aa82e125337c9d4eb8315767411ccd");
 - ``cookie_env_var``: A environment variable used as part of cookies encryption.
-  See the :ref:`relevant documentation <env-var-config>`.
+  See the :ref:`relevant documentation <cookie-encryption-config>`
 Bugclass-killer features
 ------------------------
@@ -123,103 +123,9 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
 Cookies-related mitigations
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
-.. warning::
+Since snuffleupagus is providing several hardening features for cookies,
-  Those features are **not** available for session cookies `yet <https://github.com/nbs-system/snuffleupagus/issues/122>`_.
+there is a :dedicated web page:`here <cookie-encryption-config>` about them.
-auto_cookie_secure
-""""""""""""""""""
- 
-:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
-will automatically mark cookies as `secure
-<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
-is requested over HTTPS.
-It can either be ``enabled`` or ``disabled``.
-::
-  sp.auto_cookie_secure.enable();
-  sp.auto_cookie_secure.disable();
-cookie_samesite
-"""""""""""""""
- 
-:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
-<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
-cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
-not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
-yet.
-It can either be set to ``strict`` or ``lax``:
- The ``lax`` attribute prevents cookies from being sent cross-domain for
-  "dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
- The ``strict`` one prevents any cookies from beind sent cross-domain.
-::
-  sp.cookie.name("cookie1").samesite("lax");
-  sp.cookie.name("cookie2").samesite("strict");;
-.. _cookie-encryption_config:
-cookie_encryption
-"""""""""""""""""
-   
-.. warning::
-  To use this feature, you **must** set the :ref:`global.secret_key <config_global>`
-  and the :ref:`global.cookie_env_var <config_global>` variables.
-  This design decision prevents an attacker from
-  `trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
-  or re-using session cookies.
-:ref:`cookie_secure <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
-It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
-::
-  sp.cookie.name("my_cookie_name").encrypt();
-  sp.cookie.name("another_cookie_name").encrypt();
-Removing the user-agent part
-............................
-Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
-might be configured to change the user-agent on a regular basis. If you think that
-some of your users might be using configurations like this, you might want to disable
-the mixing of the user-agent in the cookie's encryption key. The simplest way to do
-so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
-it to your php process.
-We think that this use case is too exotic to be worth implementing as a
-proper configuration directive.
-.. _env-var-config:
-Choosing the proper environment variable
-........................................
-It's up to you to choose a meaningful environment variable to derive the key from.
-Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
-the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
-unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
-hopping from WiFi to 4G.
-This is why we recommend, if possible, to use the *extended master secret*
-from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
-instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
-  it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
-  you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
-If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
-or ``X-Real-IP`` if you're behind a reverse proxy.
 readonly_exec
 ^^^^^^^^^^^^^
diff --git a/doc/source/encryption.rst b/doc/source/encryption.rst
new file mode 100644
index 0000000..8ac6861
--- /dev/null
+++ b/doc/source/encryption.rst
@@ -0,0 +1,132 @@
+.. _cookie-encryption-config:
+Cookies
+=======
+auto_cookie_secure
+""""""""""""""""""
+ 
+:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
+will automatically mark cookies as `secure
+<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
+is requested over HTTPS.
+It can either be ``enabled`` or ``disabled``.
+::
+  sp.auto_cookie_secure.enable();
+  sp.auto_cookie_secure.disable();
+cookie_samesite
+"""""""""""""""
+ 
+:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
+<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
+cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
+not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
+yet.
+It can either be set to ``strict`` or ``lax``:
+- The ``lax`` attribute prevents cookies from being sent cross-domain for
+  "dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
+- The ``strict`` one prevents any cookies from beind sent cross-domain.
+::
+  sp.cookie.name("cookie1").samesite("lax");
+  sp.cookie.name("cookie2").samesite("strict");;
+.. _cookie-encryption_config:
+Cookie encryption
+"""""""""""""""""
+   
+The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,
+thus using `curve25519<https://en.wikipedia.org/wiki/Curve25519>`__, `xsalsa20 <https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant>`__ and `poly1305 <https://en.wikipedia.org/wiki/Poly1305>`__ for the encryption. We chose this
+library because of its portability, simplicity and reduced size (a single `.h` and
+`.c` file.).
+The key is derived from multiple sources, such as :
+ * The ``secret_key`` provided in the configuration.
+ * An environment variable, such as the ``REMOTE_ADDR`` (remote IP address) or the *extended master secret* from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
+ * The user-agent.
+.. warning::
+  To use this feature, you **must** set the :ref:`global.secret_key <config_global>`
+  and the :ref:`global.cookie_env_var <config_global>` variables.
+  This design decision prevents an attacker from
+  `trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
+  or re-using session cookies.
+  If the simulation mode isn’t specified in the configuration, snuffleupagus will drop any request that it was unable to decrypt.
+Since PHP doesn't handle session cookie and non-session cookie in the same way,
+thus we are providing two different options:
+ * For the session cookie, the encryption happens server-side: The cookie's value isn't encrypted, only the session content is.
+ * For the non-session cookie, the value is encrypted.
+Session cookie
+..............
+:ref:`Session encryption <cookie-encryption-feature>`, disabled by default, will activate transparent session encryption.
+It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
+::
+  sp.session.encrypt();
+  sp.session.simulation();
+Non-session cookie
+..................
+:ref:`Cookie encryption <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
+It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
+::
+  sp.cookie.name("my_cookie_name").encrypt();
+  sp.cookie.name("another_cookie_name").encrypt();
+Removing the user-agent part
+............................
+Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
+might be configured to change the user-agent on a regular basis. If you think that
+some of your users might be using configurations like this, you might want to disable
+the mixing of the user-agent in the cookie's encryption key. The simplest way to do
+so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
+it to your php process.
+We think that this use case is too exotic to be worth implementing as a
+proper configuration directive.
+.. _env-var-config:
+Choosing the proper environment variable
+........................................
+It's up to you to choose a meaningful environment variable to derive the key from.
+Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
+the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
+unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
+hopping from WiFi to 4G.
+This is why we recommend, if possible, to use the *extended master secret*
+from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
+instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
+- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
+  it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
+- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
+  you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
+If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
+or ``X-Real-IP`` if you're behind a reverse proxy.
diff --git a/doc/source/features.rst b/doc/source/features.rst
index 24c5074..08ad3d4 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -63,8 +63,8 @@ Examples of related vulnerabilities
 .. _cookie-encryption-feature:
-Session-cookie stealing via XSS
+Cookie stealing via XSS
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+^^^^^^^^^^^^^^^^^^^^^^^
 The goto payload for XSS is often to steal cookies.
 Like *Suhosin*, we are encrypting the cookies with a secret key,
@@ -79,10 +79,7 @@ This feature is roughly the same than the `Suhosin one <https://suhosin.org/stor
 Having a secret server-side key will prevent anyone (even the user himself)
 from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side.
-The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,
-thus using curve25519, xsalsa20 and poly1305 for the encryption. We chose this
-library because of its portability, simplicity and reduced size (a single `.h` and
-`.c` file.).
 .. _fileupload-feature:
diff --git a/doc/source/index.rst b/doc/source/index.rst
index 28d0474..22cdcb8 100644
--- a/doc/source/index.rst
+++ b/doc/source/index.rst
@@ -19,6 +19,7 @@ Documentation
   changelog
   faq
   papers
+   encryption
 Greetings
 ---------
author	kkadosh	2018-05-29 19:34:16 +0000
committer	jvoisin	2018-05-29 19:34:16 +0000
commit	7832438b7abedf567ce6376f99949f419abcdff1 (patch)
tree	560e43918d1dc36ce4cf760a5b27aed0c563bc1c /doc
parent	9eebe8c67e03e3041d454ea28e93996f7a67740b (diff)

diff --git a/doc/source/config.rst b/doc/source/config.rst index d8389b6..b5bcad4 100644 --- a/doc/source/config.rst +++ b/doc/source/config.rst
@@ -68,7 +68,7 @@ This configuration variable contains parameters that are used by multiple featur
68	sp.global.secret_key("44239bd400aa82e125337c9d4eb8315767411ccd");	68	sp.global.secret_key("44239bd400aa82e125337c9d4eb8315767411ccd");
69		69
70	- ``cookie_env_var``: A environment variable used as part of cookies encryption.	70	- ``cookie_env_var``: A environment variable used as part of cookies encryption.
71	See the :ref:`relevant documentation <env-var-config>`.	71	See the :ref:`relevant documentation <cookie-encryption-config>`
72		72
73	Bugclass-killer features	73	Bugclass-killer features
74	------------------------	74	------------------------
@@ -123,103 +123,9 @@ It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` m
123	Cookies-related mitigations	123	Cookies-related mitigations
124	^^^^^^^^^^^^^^^^^^^^^^^^^^^	124	^^^^^^^^^^^^^^^^^^^^^^^^^^^
125		125
126	.. warning::	126	Since snuffleupagus is providing several hardening features for cookies,
127	Those features are not available for session cookies `yet <https://github.com/nbs-system/snuffleupagus/issues/122>`_.	127	there is a :dedicated web page:`here <cookie-encryption-config>` about them.
128
129	auto_cookie_secure
130	""""""""""""""""""
131
132	:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
133	will automatically mark cookies as `secure
134	<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
135	is requested over HTTPS.
136
137	It can either be ``enabled`` or ``disabled``.
138
139	::
140
141	sp.auto_cookie_secure.enable();
142	sp.auto_cookie_secure.disable();
143
144	cookie_samesite
145	"""""""""""""""
146
147	:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
148	<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
149	cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
150	not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
151	yet.
152
153	It can either be set to ``strict`` or ``lax``:
154
155	- The ``lax`` attribute prevents cookies from being sent cross-domain for
156	"dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
157
158	- The ``strict`` one prevents any cookies from beind sent cross-domain.
159
160	::
161
162	sp.cookie.name("cookie1").samesite("lax");
163	sp.cookie.name("cookie2").samesite("strict");;
164
165	.. _cookie-encryption_config:
166
167	cookie_encryption
168	"""""""""""""""""
169
170	.. warning::
171
172	To use this feature, you must set the :ref:`global.secret_key <config_global>`
173	and the :ref:`global.cookie_env_var <config_global>` variables.
174	This design decision prevents an attacker from
175	`trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
176	or re-using session cookies.
177
178	:ref:`cookie_secure <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
179
180	It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
181
182	::
183
184	sp.cookie.name("my_cookie_name").encrypt();
185	sp.cookie.name("another_cookie_name").encrypt();
186
187
188	Removing the user-agent part
189	............................
190
191	Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
192	might be configured to change the user-agent on a regular basis. If you think that
193	some of your users might be using configurations like this, you might want to disable
194	the mixing of the user-agent in the cookie's encryption key. The simplest way to do
195	so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
196	it to your php process.
197
198	We think that this use case is too exotic to be worth implementing as a
199	proper configuration directive.
200
201	.. _env-var-config:
202
203	Choosing the proper environment variable
204	........................................
205
206	It's up to you to choose a meaningful environment variable to derive the key from.
207	Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
208	the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
209	unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
210	hopping from WiFi to 4G.
211
212	This is why we recommend, if possible, to use the extended master secret
213	from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
214	instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
215
216	- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
217	it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
218	- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
219	you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
220		128
221	If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
222	or ``X-Real-IP`` if you're behind a reverse proxy.
223		129
224	readonly_exec	130	readonly_exec
225	^^^^^^^^^^^^^	131	^^^^^^^^^^^^^


diff --git a/doc/source/encryption.rst b/doc/source/encryption.rst new file mode 100644 index 0000000..8ac6861 --- /dev/null +++ b/doc/source/encryption.rst
@@ -0,0 +1,132 @@
		1	.. _cookie-encryption-config:
		2
		3	Cookies
		4	=======
		5
		6	auto_cookie_secure
		7	""""""""""""""""""
		8
		9	:ref:`auto_cookie_secure <auto-cookie-secure-feature>`, disabled by default,
		10	will automatically mark cookies as `secure
		11	<https://en.wikipedia.org/wiki/HTTP_cookie#Secure_cookie>`_ when the web page
		12	is requested over HTTPS.
		13
		14	It can either be ``enabled`` or ``disabled``.
		15
		16	::
		17
		18	sp.auto_cookie_secure.enable();
		19	sp.auto_cookie_secure.disable();
		20
		21	cookie_samesite
		22	"""""""""""""""
		23
		24	:ref:`samesite <samesite-feature>`, disabled by default, will add the `samesite
		25	<https://tools.ietf.org/html/draft-west-first-party-cookies-07>`_ attribute to
		26	cookies. It `prevents CSRF <https://www.owasp.org/index.php/SameSite>`_ but is
		27	not implemented by `all web browsers <https://caniuse.com/#search=samesite>`_
		28	yet.
		29
		30	It can either be set to ``strict`` or ``lax``:
		31
		32	- The ``lax`` attribute prevents cookies from being sent cross-domain for
		33	"dangerous" methods, like ``POST``, ``PUT`` or ``DELETE``.
		34
		35	- The ``strict`` one prevents any cookies from beind sent cross-domain.
		36
		37	::
		38
		39	sp.cookie.name("cookie1").samesite("lax");
		40	sp.cookie.name("cookie2").samesite("strict");;
		41
		42	.. _cookie-encryption_config:
		43
		44	Cookie encryption
		45	"""""""""""""""""
		46
		47	The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,
		48	thus using `curve25519<https://en.wikipedia.org/wiki/Curve25519>`__, `xsalsa20 <https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant>`__ and `poly1305 <https://en.wikipedia.org/wiki/Poly1305>`__ for the encryption. We chose this
		49	library because of its portability, simplicity and reduced size (a single `.h` and
		50	`.c` file.).
		51
		52	The key is derived from multiple sources, such as :
		53	* The ``secret_key`` provided in the configuration.
		54	* An environment variable, such as the ``REMOTE_ADDR`` (remote IP address) or the extended master secret from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
		55	* The user-agent.
		56
		57
		58	.. warning::
		59
		60	To use this feature, you must set the :ref:`global.secret_key <config_global>`
		61	and the :ref:`global.cookie_env_var <config_global>` variables.
		62	This design decision prevents an attacker from
		63	`trivially bruteforcing <https://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/>`_
		64	or re-using session cookies.
		65	If the simulation mode isn’t specified in the configuration, snuffleupagus will drop any request that it was unable to decrypt.
		66
		67	Since PHP doesn't handle session cookie and non-session cookie in the same way,
		68	thus we are providing two different options:
		69
		70	* For the session cookie, the encryption happens server-side: The cookie's value isn't encrypted, only the session content is.
		71	* For the non-session cookie, the value is encrypted.
		72
		73	Session cookie
		74	..............
		75
		76	:ref:`Session encryption <cookie-encryption-feature>`, disabled by default, will activate transparent session encryption.
		77	It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
		78
		79	::
		80
		81	sp.session.encrypt();
		82	sp.session.simulation();
		83
		84
		85	Non-session cookie
		86	..................
		87
		88	:ref:`Cookie encryption <cookie-encryption-feature>`, disabled by default, will activate transparent encryption of specific cookies.
		89
		90	It can either be ``enabled`` or ``disabled`` and can be used in ``simulation`` mode.
		91
		92	::
		93
		94	sp.cookie.name("my_cookie_name").encrypt();
		95	sp.cookie.name("another_cookie_name").encrypt();
		96
		97
		98	Removing the user-agent part
		99	............................
		100
		101	Some web browser extensions, such as `uMatrix <https://github.com/gorhill/uMatrix/wiki>`__
		102	might be configured to change the user-agent on a regular basis. If you think that
		103	some of your users might be using configurations like this, you might want to disable
		104	the mixing of the user-agent in the cookie's encryption key. The simplest way to do
		105	so is to set the environment variable ``HTTP_USER_AGENT`` to a fixed value before passing
		106	it to your php process.
		107
		108	We think that this use case is too exotic to be worth implementing as a
		109	proper configuration directive.
		110
		111	.. _env-var-config:
		112
		113	Choosing the proper environment variable
		114	........................................
		115
		116	It's up to you to choose a meaningful environment variable to derive the key from.
		117	Suhosin `is using <https://www.suhosin.org/stories/configuration.html#suhosin-session-cryptraddr>`_
		118	the ``REMOTE_ADDR`` one, tying the validity of the cookie to the IP address of the user;
		119	unfortunately, nowadays, people are `roaming <https://en.wikipedia.org/wiki/Roaming>`_ a lot on their smartphone,
		120	hopping from WiFi to 4G.
		121
		122	This is why we recommend, if possible, to use the extended master secret
		123	from TLS connections (`RFC7627 <https://tools.ietf.org/html/rfc7627>`_)
		124	instead. The will make the validity of the cookie TLS-dependent, by using the ``SSL_SESSION_ID`` variable.
		125
		126	- In `Apache <https://httpd.apache.org/docs/current/mod/mod_ssl.html>`_,
		127	it is possible to enable by adding ``SSLOptions StdEnvVars`` in your Apache2 configuration.
		128	- In `nginx <https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables>`_,
		129	you have to use ``fastcgi_param SSL_SESSION_ID $ssl_session_id if_not_empty;``.
		130
		131	If you aren't using TLS (you should be), you can always use the ``REMOTE_ADDR`` one,
		132	or ``X-Real-IP`` if you're behind a reverse proxy.


diff --git a/doc/source/features.rst b/doc/source/features.rst index 24c5074..08ad3d4 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst
@@ -63,8 +63,8 @@ Examples of related vulnerabilities
63		63
64	.. _cookie-encryption-feature:	64	.. _cookie-encryption-feature:
65		65
66	Session-cookie stealing via XSS	66	Cookie stealing via XSS
67	^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^	67	^^^^^^^^^^^^^^^^^^^^^^^
68		68
69	The goto payload for XSS is often to steal cookies.	69	The goto payload for XSS is often to steal cookies.
70	Like Suhosin, we are encrypting the cookies with a secret key,	70	Like Suhosin, we are encrypting the cookies with a secret key,
@@ -79,10 +79,7 @@ This feature is roughly the same than the `Suhosin one <https://suhosin.org/stor
79	Having a secret server-side key will prevent anyone (even the user himself)	79	Having a secret server-side key will prevent anyone (even the user himself)
80	from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side.	80	from reading the content of the cookie, reducing the impact of an application storing sensitive data client-side.
81		81
82	The encryption is done via the `tweetnacl library <https://tweetnacl.cr.yp.to/>`_,	82
83	thus using curve25519, xsalsa20 and poly1305 for the encryption. We chose this
84	library because of its portability, simplicity and reduced size (a single `.h` and
85	`.c` file.).
86		83
87		84
88	.. _fileupload-feature:	85	.. _fileupload-feature:


diff --git a/doc/source/index.rst b/doc/source/index.rst index 28d0474..22cdcb8 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst
@@ -19,6 +19,7 @@ Documentation
19	changelog	19	changelog
20	faq	20	faq
21	papers	21	papers
		22	encryption
22		23
23	Greetings	24	Greetings
24	---------	25	---------