sirtimbly/bewcloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Optionally skip domain in cookie (#43)

Browse Source 
If you're using a reverse proxy like Cloudflare Tunnels, you can now set `CONFIG_SKIP_COOKIE_DOMAIN_SECURITY="true"` to avoid login issues.

Also makes some UX tweaks to Expenses, and fixes a style issue for Chrome in Windows (#44).

Fixes #43
Fixes #44
This commit is contained in:
Bruno Bernardino
2025-03-02 07:24:28 +00:00
parent 07bbfbb0a5
commit 05c20ec0a2
6 changed files with 43 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.env.sample
View File

@@ -19,3 +19,4 @@ CONFIG_FILES_ROOT_PATH="data-files"
CONFIG_ENABLE_EMAILS="false" # if true, email verification will be required for signups (using Brevo)
CONFIG_ENABLE_FOREVER_SIGNUP="true" # if true, all signups become active for 100 years
# CONFIG_ALLOWED_COOKIE_DOMAINS="example.com,example.net" # can be set to allow more than the BASE_URL's domain for session cookies
# CONFIG_SKIP_COOKIE_DOMAIN_SECURITY="true" # if true, the cookie domain will not be strictly set and checked against. This skipping slightly reduces security, but is usually necessary for reverse proxies like Cloudflare Tunnel.