Skip to content

Commit

Permalink
Reorder SecureCookiesMiddleware and add docstring
Browse files Browse the repository at this point in the history
  • Loading branch information
@nospame
nospame committed Sep 20, 2024
1 parent 7d98a3c commit f189561
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
4 changes: 4 additions & 0 deletions corehq/middleware.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -340,6 +340,10 @@ def get_view_func(view_fn, view_kwargs):


class SecureCookiesMiddleware(MiddlewareMixin):
"""Sets `secure` flag for cookies on the response object.
Must be come before middleware that adds cookies, because of order and layering.
https://docs.djangoproject.com/en/4.2/topics/http/middleware/#middleware-order-and-layering
"""

def process_response(self, request, response):
if hasattr(response, 'cookies') and response.cookies:
Expand Down
3 changes: 1 addition & 2 deletions settings.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,6 +146,7 @@

MIDDLEWARE = [
'corehq.middleware.NoCacheMiddleware',
'corehq.middleware.SecureCookiesMiddleware',
'corehq.middleware.SelectiveSessionMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.middleware.common.CommonMiddleware',
Expand All @@ -171,8 +172,6 @@
'no_exceptions.middleware.NoExceptionsMiddleware',
'corehq.apps.locations.middleware.LocationAccessMiddleware',
'corehq.apps.cloudcare.middleware.CloudcareMiddleware',
# middleware that adds cookies must come before SecureCookiesMiddleware
'corehq.middleware.SecureCookiesMiddleware',
'field_audit.middleware.FieldAuditMiddleware',
]

Expand Down

0 comments on commit f189561

Please sign in to comment.