Add comment bits for SSL and delete some garbage from template
This commit is contained in:
parent
7857a8a964
commit
8e3675865d
2 changed files with 10 additions and 13 deletions
|
@ -69,9 +69,10 @@ instance Yesod App where
|
||||||
|
|
||||||
-- Store session data on the client in encrypted cookies,
|
-- Store session data on the client in encrypted cookies,
|
||||||
-- default session idle timeout is 120 minutes
|
-- default session idle timeout is 120 minutes
|
||||||
makeSessionBackend _ = Just <$> defaultClientSessionBackend
|
makeSessionBackend _ =
|
||||||
120 -- timeout in minutes
|
-- sslOnlySessions $
|
||||||
"config/client_session_key.aes"
|
Just <$>
|
||||||
|
defaultClientSessionBackend 120 "config/client_session_key.aes"
|
||||||
|
|
||||||
-- Yesod Middleware allows you to run code before and after each handler function.
|
-- Yesod Middleware allows you to run code before and after each handler function.
|
||||||
-- The defaultYesodMiddleware adds the response header "Vary: Accept, Accept-Language" and performs authorization checks.
|
-- The defaultYesodMiddleware adds the response header "Vary: Accept, Accept-Language" and performs authorization checks.
|
||||||
|
@ -79,7 +80,10 @@ instance Yesod App where
|
||||||
-- a) Sets a cookie with a CSRF token in it.
|
-- a) Sets a cookie with a CSRF token in it.
|
||||||
-- b) Validates that incoming write requests include that token in either a header or POST parameter.
|
-- b) Validates that incoming write requests include that token in either a header or POST parameter.
|
||||||
-- For details, see the CSRF documentation in the Yesod.Core.Handler module of the yesod-core package.
|
-- For details, see the CSRF documentation in the Yesod.Core.Handler module of the yesod-core package.
|
||||||
yesodMiddleware = defaultCsrfMiddleware . defaultYesodMiddleware
|
yesodMiddleware =
|
||||||
|
defaultCsrfMiddleware .
|
||||||
|
-- sslOnlyMiddleware 120 .
|
||||||
|
defaultYesodMiddleware
|
||||||
|
|
||||||
defaultLayout widget = do
|
defaultLayout widget = do
|
||||||
master <- getYesod
|
master <- getYesod
|
||||||
|
|
|
@ -1,10 +1,6 @@
|
||||||
$newline never
|
$newline never
|
||||||
\<!doctype html>
|
<!doctype html>
|
||||||
\<!--[if lt IE 7]> <html class="no-js ie6 oldie" lang="en"> <![endif]-->
|
<html class="no-js" lang="en">
|
||||||
\<!--[if IE 7]> <html class="no-js ie7 oldie" lang="en"> <![endif]-->
|
|
||||||
\<!--[if IE 8]> <html class="no-js ie8 oldie" lang="en"> <![endif]-->
|
|
||||||
\<!--[if gt IE 8]><!-->
|
|
||||||
<html class="no-js" lang="en"> <!--<![endif]-->
|
|
||||||
<head>
|
<head>
|
||||||
<meta charset="UTF-8">
|
<meta charset="UTF-8">
|
||||||
|
|
||||||
|
@ -16,9 +12,6 @@ $newline never
|
||||||
|
|
||||||
^{pageHead pc}
|
^{pageHead pc}
|
||||||
|
|
||||||
\<!--[if lt IE 9]>
|
|
||||||
\<script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
|
|
||||||
\<![endif]-->
|
|
||||||
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js">
|
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.js">
|
||||||
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.0.3/js.cookie.min.js">
|
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.0.3/js.cookie.min.js">
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue