From adcabcf3dd574d2e74e3e1eb9c43a2b1f821f410 Mon Sep 17 00:00:00 2001
From: 24024 <240241002@qq.com>
Date: Mon, 12 Jan 2026 01:10:19 +0800
Subject: [PATCH] =?UTF-8?q?fix(config):=20=E4=BF=AE=E6=94=B9SESSION=5FCOOK?=
 =?UTF-8?q?IE=5FSECURE=E9=85=8D=E7=BD=AE=E4=BB=A5=E9=80=82=E5=BA=94?=
 =?UTF-8?q?=E5=BC=80=E5=8F=91=E7=8E=AF=E5=A2=83?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 将SESSION_COOKIE_SECURE设置为False以支持非HTTPS环境
- 注释更新以明确开发环境和非HTTPS生产环境的配置建议
- 保持SESSION_COOKIE_HTTPONLY启用防止XSS攻击
---
 __pycache__/config.cpython-312.pyc | Bin 1647 -> 1647 bytes
 config.py | 2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/__pycache__/config.cpython-312.pyc b/__pycache__/config.cpython-312.pyc
index ab610a397776b11d0ee1a2a195af425c80c167b0..5d21c6e1fa840ccc30ca668d96dfa6d762a00b47 100644
GIT binary patch delta 33 ocmaFQ^PY$IG%qg~0}!O$OwLT3$h&}%W#hX4ER2ei*RdW10J8WCG5`Po delta 33 ocmaFQ^PY$IG%qg~0}z;RNzTlf$h&}%edD_SEQ|`1*RdW10IdlM<^TWy
diff --git a/config.py b/config.py
index 01dfbe1..e198092 100644
--- a/config.py
+++ b/config.py
@@ -13,7 +13,7 @@ class Config:
 # Session 配置
 PERMANENT_SESSION_LIFETIME = 604800 # 7 天 (单位:秒)
- SESSION_COOKIE_SECURE = True # 开发环境设为 False,生产环境建议设为 True
+ SESSION_COOKIE_SECURE = False # 开发环境或非 HTTPS 生产环境设为 False
 SESSION_COOKIE_HTTPONLY = True # 防止 XSS 获取 Cookie
 # MinIO 配置
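Review bot: Setting `SESSION_COOKIE_SECURE = False` directly on `Config` in config.py drops the Secure flag wherever this class is used, not only in development; the hunk shows no development-only subclass or environment switch. The session cookie, which lives for 7 days per `PERMANENT_SESSION_LIFETIME`, would then be sent over plain HTTP and be readable in transit, and `SESSION_COOKIE_HTTPONLY` does not protect against that. I would keep the secure default and make development opt out, for example `SESSION_COOKIE_SECURE = os.environ.get("SESSION_COOKIE_SECURE", "true").lower() != "false"` (whether `os` is already imported is not visible here), or override the value in a development-only config class. The new comment also presents a non-HTTPS production deployment as a normal setting; it should say that this exposes the session in transit and is a temporary exception. The `Config` class starts and ends outside the hunk.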