From 17ca702cb32a27ff3f9620e3786e4f54b1e67e36 Mon Sep 17 00:00:00 2001
From: Raymond Machira <raymond.machira+git@gmail.com>
Date: Mon, 11 Apr 2016 13:01:14 -0500
Subject: [PATCH 1/2] Add environment variable to override secure_flag on
 session cookie

---
 redash/settings.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/redash/settings.py b/redash/settings.py
index 93a47d8666..b4abb2f564 100644
--- a/redash/settings.py
+++ b/redash/settings.py
@@ -122,6 +122,8 @@ def all_settings():
 
 JOB_EXPIRY_TIME = int(os.environ.get("REDASH_JOB_EXPIRY_TIME", 3600 * 6))
 COOKIE_SECRET = os.environ.get("REDASH_COOKIE_SECRET", "c292a0a3aa32397cdb050e233733900f")
+SESSION_COOKIE_SECURE = os.environ.get("REDASH_SESSION_COOKIE_SECURE", False)
+
 LOG_LEVEL = os.environ.get("REDASH_LOG_LEVEL", "INFO")
 
 # Mail settings:

From c19a0209ebd77b67166c2eeba3abe7e3546895cc Mon Sep 17 00:00:00 2001
From: Raymond Machira <raymond.machira+git@gmail.com>
Date: Wed, 20 Apr 2016 11:01:37 -0500
Subject: [PATCH 2/2] Make secure_flag environment var default to Enforce HTTPs

Also wraps parse_boolean around the os.get call for the secure_flag variable
---
 redash/settings.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/redash/settings.py b/redash/settings.py
index b4abb2f564..7e567cbf74 100644
--- a/redash/settings.py
+++ b/redash/settings.py
@@ -122,7 +122,7 @@ def all_settings():
 
 JOB_EXPIRY_TIME = int(os.environ.get("REDASH_JOB_EXPIRY_TIME", 3600 * 6))
 COOKIE_SECRET = os.environ.get("REDASH_COOKIE_SECRET", "c292a0a3aa32397cdb050e233733900f")
-SESSION_COOKIE_SECURE = os.environ.get("REDASH_SESSION_COOKIE_SECURE", False)
+SESSION_COOKIE_SECURE = parse_boolean(os.environ.get("REDASH_SESSION_COOKIE_SECURE") or str(ENFORCE_HTTPS))
 
 LOG_LEVEL = os.environ.get("REDASH_LOG_LEVEL", "INFO")