Home Explore Help
Register Sign In
OpenSource
/
open-webui
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

feat: add WEBUI_SESSION_COOKIE_SECURE

Jun Siang Cheah 11 months ago
parent
ae376ec8fe
commit
bba4c4242f
2 changed files with 7 additions and 0 deletions
Split View Show Diff Stats
  1. 5 0
      backend/config.py
  2. 2 0
      backend/main.py

+ 5 - 0
backend/config.py
View File 

@@ -760,6 +760,11 @@ WEBUI_SESSION_COOKIE_SAME_SITE = os.environ.get(
 
     os.environ.get("WEBUI_SESSION_COOKIE_SAME_SITE", "lax"),
 
 )
 
 
+WEBUI_SESSION_COOKIE_SECURE = os.environ.get(
 
+    "WEBUI_SESSION_COOKIE_SECURE",
 
+    os.environ.get("WEBUI_SESSION_COOKIE_SECURE", "false").lower() == "true",
 
+)
 
+
 
 if WEBUI_AUTH and WEBUI_SECRET_KEY == "":
 
     raise ValueError(ERROR_MESSAGES.ENV_VAR_NOT_FOUND)

+ 2 - 0
backend/main.py
View File 

@@ -79,6 +79,7 @@ from config import (
 
     OAUTH_MERGE_ACCOUNTS_BY_EMAIL,
 
     WEBUI_SECRET_KEY,
 
     WEBUI_SESSION_COOKIE_SAME_SITE,
 
+    WEBUI_SESSION_COOKIE_SECURE,
 
 )
 
 from constants import ERROR_MESSAGES, WEBHOOK_MESSAGES
 
 from utils.webhook import post_webhook
 
@@ -964,6 +965,7 @@ if len(OAUTH_PROVIDERS) > 0:
 
         secret_key=WEBUI_SECRET_KEY,
 
         session_cookie="oui-session",
 
         same_site=WEBUI_SESSION_COOKIE_SAME_SITE,
 
+        https_only=WEBUI_SESSION_COOKIE_SECURE,
 
     )