hotfix: set SESSION_COOKIE_SECURE = True

[wesleyboar]

Overview

Hotfix setting SESSION_COOKIE_SECURE = True.

Warning Unable to test on an environment that mirrors production.

Important Target branch (which I created yesterday) https://github.com/TACC/Core-CMS-Custom/tree/release/apcd-prod-2022-11 is off 3a439ba.[^1]

Note Target branch changed after merge to essentially be release/apcd-prod-2022-11-plus-secure-cookie-hotfix. Details.

Related

• mimics https://github.com/TACC/Core-CMS/pull/695
• alternative to https://github.com/TACC/Core-CMS-Custom/pull/196

Changes

• added new setting

Testing

Target Branch

Confirm 3a439ba is the most recently deployed taccwma/apcd-cms tag.[^1]

Portal Login Cookie

1. In Chrome/ium DevTools > Application > Cookies
2. Confirm "Secure" column for "sessionid" cookie is checked.

Any CMS Page

Confirm style on CMS pages is unchanged from https://txapcd.org/.

UI

Skipped.

[^1]: I think 3a439ba is the most recently deployed taccwma/apcd-cms tag. Reference.

[wesleyboar]

I did poorly naming branches.

So, after merge:

1. I created branch release/apcd-prod-2022-11-plus-secure-cookie-hotfix from the merge commit.
2. I deleted branch release/apcd-prod-2022-11.
3. I re-created branch release/apcd-prod-2022-11 off of 3a439ba.

Thus, release/apcd-prod-2022-11-plus-secure-cookie-hotfix is what to deploy.

^{After this, we need to consider release strategy for CMS apps in this repo.}