From 1b7270b40b65ef089bf40a14065227f742b8507e Mon Sep 17 00:00:00 2001
From: vnugent
Date: Tue, 14 May 2024 21:52:03 -0400
Subject: chore: make container slightly easier to setup
---
 ci/config/SessionProvider.json | 6 +++++-
 ci/config/config.json | 2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)
(limited to 'ci/config')
diff --git a/ci/config/SessionProvider.json b/ci/config/SessionProvider.json
index e281edf..6828114 100644
--- a/ci/config/SessionProvider.json
+++ b/ci/config/SessionProvider.json
@@ -16,6 +16,10 @@
 //time (in seconds) a session is valid for
 "valid_for_sec": 3600,
 //The maxium number of connections waiting for the cache server responses
- "max_waiting_connections": 100
+ "max_waiting_connections": 100,
+ //Enforce strict cross-origin session checks
+ "strict_cors": true,
+ ///Enforces strict TLS to help prevent tls downgrades based on stored session variables (privacy note: this can be leaked through brute-forced if session id is stolen)
+ "strict_tls_protocol": true
 }
 }
\ No newline at end of file
diff --git a/ci/config/config.json b/ci/config/config.json
index 37b952a..f6b55e9 100644
--- a/ci/config/config.json
+++ b/ci/config/config.json
@@ -177,6 +177,6 @@
 //Global secrets object, used by the host and pluings for a specialized secrets
 "secrets": {
 //"db_password": ""
- "passwords": "yourbase64passwordsecret"
+ "passwords": "_yourbase64passwordsecret_"
 }
 }
-- cgit
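Review bot: The comment added above `strict_tls_protocol` is hard to parse where it says "this can be leaked through brute-forced if session id is stolen", and it opens with `///` while every other comment in the hunk uses `//`. This is the only place the privacy trade-off of the option is explained, so it should state plainly what is exposed and under which condition. As I read it, the intent is something like `//Enforces strict TLS checks against the protocol stored with the session to help prevent TLS downgrades (privacy note: the stored protocol could be recovered by brute force if a session id is stolen)`; confirm that against the implementation before adopting the wording. The enclosing object opens above the hunk, so which provider section these two keys configure is not visible here.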
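Review bot: The `passwords` entry under `secrets` still ships a fixed placeholder, and nothing in this hunk tells an operator that it must be replaced before the container is started. The new value `_yourbase64passwordsecret_` contains underscores, which are outside the standard base64 alphabet, so whether the host rejects it at load or accepts it as a usable secret depends on a loader that is not visible here; if it is accepted, every container built from this file would share the same publicly known secret. I would add a comment directly above it such as `//REQUIRED: replace with your own base64 encoded secret before first start, do not deploy the placeholder`, and if the setup scripts substitute the underscore-delimited marker, say so in that comment. The rest of the config starts outside the hunk.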