Require SERVER_NAME to be a FQDN with TLD

A fully-qualified domain name, including a top-level domain name, is required for Chrome to accept session cookies. For more info, see https://stackoverflow.com/questions/27254013/why-does-the-session-cookie-work-when-serving-from-a-domain-but-not-when-using-a#27276450
2018-03-15 11:39:15 +01:00 · 2018-03-15 11:39:15 +01:00 · 6a0e0721e9
commit 6a0e0721e9
parent 6f69fe5b8a
1 changed files with 9 additions and 3 deletions
--- a/pillar/init.py
+++ b/pillar/init.py
@ -124,9 +124,7 @@ class PillarServer(BlinkerCompatibleEve):
                                         'api', 'eve_settings.py')
        # self.settings = self.config['EVE_SETTINGS_PATH']
        self.load_config()
-
-        if not self.config.get('SECRET_KEY'):
-            raise ConfigurationMissingError('SECRET_KEY configuration key is missing')
+        self._validate_config()

        # Configure authentication
        self.login_manager = auth.config_login_manager(self)
@ -142,6 +140,14 @@ class PillarServer(BlinkerCompatibleEve):

        self.before_first_request(self.setup_db_indices)

+    def _validate_config(self):
+        if not self.config.get('SECRET_KEY'):
+            raise ConfigurationMissingError('SECRET_KEY configuration key is missing')
+
+        server_name = self.config.get('SERVER_NAME', '')
+        if server_name != 'localhost' and '.' not in server_name:
+            raise ConfigurationMissingError('SERVER_NAME should contain a FQDN with TLD')
+
    def _load_flask_config(self):
        # Load configuration from different sources, to make it easy to override
        # settings with secrets, as well as for development & testing.