Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Only check auth secure on release mode. #4127

Merged
merged 5 commits into from
Nov 7, 2023
Merged

Only check auth secure on release mode. #4127

merged 5 commits into from
Nov 7, 2023

Conversation

dessalines
Copy link
Member

@dessalines dessalines commented Nov 2, 2023
edited
Loading

It wasn't necessary to not set secure headers on debug mode.

Nutomic
Nutomic reviewed Nov 3, 2023
View reviewed changes
crates/api/src/lib.rs Outdated
@@ -85,7 +85,8 @@ pub fn read_auth_token(req: &HttpRequest) -> Result<Option<String>, LemmyError>
// ensure that its marked as httponly and secure
let secure = cookie.secure().unwrap_or_default();
let http_only = cookie.http_only().unwrap_or_default();
if !secure || !http_only {

if !cfg!(debug_assertions) && (!secure || !http_only) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its a bit hard to read like this, better make a var like let is_debug_mode = cfg!(debug_assertions)

@Nutomic Nutomic merged commit 98ed0e5 into main Nov 7, 2023
dullbananas pushed a commit to dullbananas/lemmy that referenced this pull request Nov 7, 2023
@dessalines @Nutomic @phiresky
Primary keys dess (#17)
a9d0668 
* Also order reports by oldest first (ref LemmyNet#4123) (LemmyNet#4129)

* Support signed fetch for federation (fixes LemmyNet#868) (LemmyNet#4125)

* Support signed fetch for federation (fixes LemmyNet#868)

* taplo

* add federation queue state to get_federated_instances api (LemmyNet#4104)

* add federation queue state to get_federated_instances api

* feature gate

* move retry sleep function

* move stuff around

* Add UI setting for collapsing bot comments. Fixes LemmyNet#3838 (LemmyNet#4098)

* Add UI setting for collapsing bot comments. Fixes LemmyNet#3838

* Fixing clippy check.

* Only keep sent and received activities for 7 days (fixes LemmyNet#4113, fixes LemmyNet#4110) (LemmyNet#4131)

* Only check auth secure on release mode. (LemmyNet#4127)

* Only check auth secure on release mode.

* Fixing wrong js-client.

* Adding is_debug_mode var.

* Fixing the desktop image on the README. (LemmyNet#4135)

* Delete dupes and add possibly missing unique constraint on person_aggregates.

* Fixing clippy lints.

---------

Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: phiresky <phireskyde+git@gmail.com>
dessalines added a commit that referenced this pull request Nov 13, 2023
@dullbananas @dessalines
@Nutomic @phiresky
Remove id column and use different primary key on some tables (#4093)
8e2cbc9 
* post_saved

* fmt

* remove unique and not null

* put person_id first in primary key and remove index

* use post_saved.find

* change captcha_answer

* remove removal of not null

* comment_aggregates

* comment_like

* comment_saved

* aggregates

* remove "\"

* deduplicate site_aggregates

* person_post_aggregates

* community_moderator

* community_block

* community_person_ban

* custom_emoji_keyword

* federation allow/block list

* federation_queue_state

* instance_block

* local_site_rate_limit, local_user_language, login_token

* person_ban, person_block, person_follower, post_like, post_read, received_activity

* community_follower, community_language, site_language

* fmt

* image_upload

* remove unused newtypes

* remove more indexes

* use .find

* merge

* fix site_aggregates_site function

* fmt

* Primary keys dess (#17)

* Also order reports by oldest first (ref #4123) (#4129)

* Support signed fetch for federation (fixes #868) (#4125)

* Support signed fetch for federation (fixes #868)

* taplo

* add federation queue state to get_federated_instances api (#4104)

* add federation queue state to get_federated_instances api

* feature gate

* move retry sleep function

* move stuff around

* Add UI setting for collapsing bot comments. Fixes #3838 (#4098)

* Add UI setting for collapsing bot comments. Fixes #3838

* Fixing clippy check.

* Only keep sent and received activities for 7 days (fixes #4113, fixes #4110) (#4131)

* Only check auth secure on release mode. (#4127)

* Only check auth secure on release mode.

* Fixing wrong js-client.

* Adding is_debug_mode var.

* Fixing the desktop image on the README. (#4135)

* Delete dupes and add possibly missing unique constraint on person_aggregates.

* Fixing clippy lints.

---------

Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: phiresky <phireskyde+git@gmail.com>

* fmt

* Update community_block.rs

* Update instance_block.rs

* Update person_block.rs

* Update person_block.rs

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
Co-authored-by: Nutomic <me@nutomic.com>
Co-authored-by: phiresky <phireskyde+git@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Nutomic Nutomic Nutomic approved these changes

@phiresky phiresky Awaiting requested review from phiresky phiresky is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dessalines @Nutomic