Security Headers and Secure Cookies
- 83f67eb3 aurweb.asgi: add security headers middleware
- efe4225e set AURLANG + AURTZ on login
- b06ea1d1 add util.add_samesite_fields(response, value)
- d2b98b64 use secure=True when options.disable_http_login is enabled
This commit should completely address #26 (closed) and give green toward https://securityheaders.com/?q=https%3A%2F%2Faur.archlinux.org
I'd like +2 LGTM before I merge this. Thanks for the issues!
Edited by Kevin Morris