diff options
Diffstat (limited to 'ci/container/config-templates/SessionProvider-template.json')
| -rw-r--r-- | ci/container/config-templates/SessionProvider-template.json | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/ci/container/config-templates/SessionProvider-template.json b/ci/container/config-templates/SessionProvider-template.json index e281edf..328f06f 100644 --- a/ci/container/config-templates/SessionProvider-template.json +++ b/ci/container/config-templates/SessionProvider-template.json @@ -1,6 +1,6 @@ { - "debug": false, + "debug": ${DEBUG_PLUGINS}, //Provider assemblies to load "provider_assemblies": [ "VNLib.Plugins.Sessions.VNCache.dll" ], @@ -16,6 +16,10 @@ //time (in seconds) a session is valid for "valid_for_sec": 3600, //The maxium number of connections waiting for the cache server responses - "max_waiting_connections": 100 + "max_waiting_connections": 100, + //Enforce strict cross-origin session checks + "strict_cors": true, + ///Enforces strict TLS to help prevent tls downgrades based on stored session variables (privacy note: this can be leaked through brute-forced if session id is stolen) + "strict_tls_protocol": true } }
\ No newline at end of file |