diff --git a/changedetectionio/__init__.py b/changedetectionio/__init__.py index 6b202a5f..faa89609 100644 --- a/changedetectionio/__init__.py +++ b/changedetectionio/__init__.py @@ -250,6 +250,11 @@ def changedetection_app(config=None, datastore_o=None): # (No password in settings or env var) app.config['LOGIN_DISABLED'] = datastore.data['settings']['application']['password'] == False and os.getenv("SALTED_PASS", False) == False + # Set the auth cookie path if we're running as X-settings/X-Forwarded-Prefix + if os.getenv('USE_X_SETTINGS') and 'X-Forwarded-Prefix' in request.headers: + app.config['REMEMBER_COOKIE_PATH'] = request.headers['X-Forwarded-Prefix'] + app.config['SESSION_COOKIE_PATH'] = request.headers['X-Forwarded-Prefix'] + # For the RSS path, allow access via a token if request.path == '/rss' and request.args.get('token'): app_rss_token = datastore.data['settings']['application']['rss_access_token'] diff --git a/requirements.txt b/requirements.txt index 56dbcc9e..6ab598dd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ flask~= 2.0 eventlet>=0.31.0 validators timeago ~=1.0 -inscriptis ~= 1.2 +inscriptis ~= 2.2 feedgen ~= 0.9 flask-login ~= 0.5 pytz