From 6a0e0721e998e1a972ca34624a77b31892a57c84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Thu, 15 Mar 2018 11:39:15 +0100 Subject: [PATCH] Require SERVER_NAME to be a FQDN with TLD A fully-qualified domain name, including a top-level domain name, is required for Chrome to accept session cookies. For more info, see https://stackoverflow.com/questions/27254013/why-does-the-session-cookie-work-when-serving-from-a-domain-but-not-when-using-a#27276450 --- pillar/__init__.py | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/pillar/__init__.py b/pillar/__init__.py index 1fbd964a..7d385d8d 100644 --- a/pillar/__init__.py +++ b/pillar/__init__.py @@ -124,9 +124,7 @@ class PillarServer(BlinkerCompatibleEve): 'api', 'eve_settings.py') # self.settings = self.config['EVE_SETTINGS_PATH'] self.load_config() - - if not self.config.get('SECRET_KEY'): - raise ConfigurationMissingError('SECRET_KEY configuration key is missing') + self._validate_config() # Configure authentication self.login_manager = auth.config_login_manager(self) @@ -142,6 +140,14 @@ class PillarServer(BlinkerCompatibleEve): self.before_first_request(self.setup_db_indices) + def _validate_config(self): + if not self.config.get('SECRET_KEY'): + raise ConfigurationMissingError('SECRET_KEY configuration key is missing') + + server_name = self.config.get('SERVER_NAME', '') + if server_name != 'localhost' and '.' not in server_name: + raise ConfigurationMissingError('SERVER_NAME should contain a FQDN with TLD') + def _load_flask_config(self): # Load configuration from different sources, to make it easy to override # settings with secrets, as well as for development & testing.