librelist archives

« back to archive

Broken sessions with custom heroku domain name

Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-27 @ 05:47
I have a Flask application hosted on Heroku, and the Heroku instance (say,
"helloworld.herokuapp.com") has a custom domain name, say 
"www.helloworld.com".


When I access the app at the native heroku URL, sessions work perfectly 
fine. When I access it atwww.helloworld.com, they don't work. I assume 
that this is because the session cookie that Flask is signing is for the 
wrong domain.


I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to 
'helloworld.com', but it still only signs the session cookies for 
helloworld.herokuapp.com.


Is there any way I can force the session cookies to sign as my custom domain?






Thanks,


Oliver



Re: [flask] Broken sessions with custom heroku domain name

From:
Markus Unterwaditzer
Date:
2013-01-27 @ 08:24
Oliver,

It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.

-- Markus

Oliver Song <osong@mit.edu> wrote:

>
>I have a Flask application hosted on Heroku, and the Heroku instance
>(say, "helloworld.herokuapp.com") has a custom domain name, say
>"www.helloworld.com".
>
>
>When I access the app at the native heroku URL, sessions work perfectly
>fine. When I access it atwww.helloworld.com, they don't work. I assume
>that this is because the session cookie that Flask is signing is for
>the wrong domain.
>
>
>I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to
>'helloworld.com', but it still only signs the session cookies for
>helloworld.herokuapp.com.
>
>
>Is there any way I can force the session cookies to sign as my custom
>domain?
>
>
>
>
>
>
>Thanks,
>
>
>Oliver

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.

Re: [flask] Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-27 @ 17:39
Markus, 

After doing that, the good news is that something changed; the bad news is
that everything is 404'ing now.

This is what my config looks like:

app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com'
app.config['SERVER_NAME'] = 'helloworld.com'


It seems like the client tries to get all assets from 
'http://www.helloworld.com/static/[whatever]'. What's weird is that when I
navigate to 'www.helloworld.com' it actually hits an unstyled 404 page 
that I have for my app. Which means it's hitting the application, but it 
doesn't know what route '/' is??

Oliver 


On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:

> Oliver,
> 
> It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
> 
> -- Markus
> 
> Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
> > 
> > I have a Flask application hosted on Heroku, and the Heroku instance 
(say, "helloworld.herokuapp.com (http://helloworld.herokuapp.com)") has a 
custom domain name, say "www.helloworld.com (http://www.helloworld.com)".
> > 
> > 
> > When I access the app at the native heroku URL, sessions work 
perfectly fine. When I access it atwww.helloworld.com 
(http://www.helloworld.com), they don't work. I assume that this is 
because the session cookie that Flask is signing is for the wrong domain.
> > 
> > 
> > I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to 
'helloworld.com (http://helloworld.com)', but i t still only signs the 
session cookies for helloworld.herokuapp.com 
(http://helloworld.herokuapp.com).
> > 
> > 
> > Is there any way I can force the session cookies to sign as my custom domain?
> > 
> > 
> > 
> > 
> > 
> > 
> > Thanks,
> > 
> > 
> > Oliver
> > 
> > 
> > 
> > 
> 
> 
> 
> -- 
> Sent from my Android phone with K-9 Mail. Please excuse my brevity. 

Re: [flask] Broken sessions with custom heroku domain name

From:
Sean Whalen
Date:
2013-01-27 @ 18:16
Try commenting out the SERVER_NAME line.
On Jan 27, 2013 12:48 PM, "Oliver Song" <osong@mit.edu> wrote:

>  Markus,
>
> After doing that, the good news is that something changed; the bad news is
> that everything is 404'ing now.
>
> This is what my config looks like:
>
> *app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com'*
> *app.config['SERVER_NAME'] = 'helloworld.com'*
>
> It seems like the client tries to get all assets from '*
> http://www.helloworld.com/static/[whatever]*'. What's weird is that when
> I navigate to '*www.helloworld.com*' it actually hits an unstyled 404
> page that I have for my app. Which means it's hitting the application, but
> it doesn't know what route '/' is??
>
> Oliver
>
> On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
>
> Oliver,
>
> It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
>
> -- Markus
>
> Oliver Song <osong@mit.edu> wrote:
>
>  I have a Flask application hosted on Heroku, and the Heroku instance
> (say, "helloworld.herokuapp.com") has a custom domain name, say "
> www.helloworld.com".
>
> When I access the app at the native heroku URL, sessions work perfectly
> fine. When I access it atwww.helloworld.com, they don't work. I assume
> that this is because the session cookie that Flask is signing is for the
> wrong domain.
>
> I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to '
> helloworld.com', but i t still only signs the session cookies for
> helloworld.herokuapp.com.
>
> Is there any way I can force the session cookies to sign as my custom
> domain?
>
>
> Thanks,
>
> Oliver
>
>
> --
> Sent from my Android phone with K-9 Mail. Please excuse my brevity.
>
>
>

Re: [flask] Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-27 @ 19:24
Markus,

You were right about the SERVER_NAME variable- it requires the full URL 
'www.helloworld.com'.
Knowing this, I just tried almost ever combination of the two lines,

app.config['SESSION_COOKIE_DOMAIN'] = x
app.config['SERVER_NAME'] = y


Including x,y =
*.helloworld.com, www.helloworld.com
helloworld, www.helloworld.com
www.helloworld.com, www.helloworld.com
.helloworld.com, www.helloworld.com

I also tried excluding SESSION_COOKIE_DOMAIN and just setting 
'SERVER_NAME' to 'www.helloworld.com'.

Nothing seemed to allow session cookies to store properly on the 
www.helloworld.com domain.

I'm starting to think I should just try implementing server-side sessions,
along the lines of http://flask.pocoo.org/snippets/86/. I just hope that 
no other functionality relies on Flask storing cookies...

Oliver


On Sunday, January 27, 2013 at 1:16 PM, Sean Whalen wrote:

> Try commenting out the SERVER_NAME line. 
> On Jan 27, 2013 12:48 PM, "Oliver Song" <osong@mit.edu 
(mailto:osong@mit.edu)> wrote:
> > Markus, 
> > 
> > After doing that, the good news is that something changed; the bad 
news is that everything is 404'ing now.
> > 
> > This is what my config looks like:
> > 
> > app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com 
(http://helloworld.com)'
> > app.config['SERVER_NAME'] = 'helloworld.com (http://helloworld.com)'
> > 
> > 
> > It seems like the client tries to get all assets from 
'http://www.helloworld.com/static/[whatever] 
(http://www.helloworld.com/static/%5Bwhatever%5D)'. What's weird is that 
when I navigate to 'www.helloworld.com (http://www.helloworld.com)' it 
actually hits an unstyled 404 page that I have for my app. Which means 
it's hitting the application, but it doesn't know what route '/' is?? 
> > 
> > Oliver 
> > 
> > On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
> > 
> > > Oliver,
> > > 
> > > It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
> > > 
> > > -- Markus
> > > 
> > > Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
> > > > 
> > > > I have a Flask application hosted on Heroku, and the Heroku 
instance (say, "helloworld.herokuapp.com 
(http://helloworld.herokuapp.com)") has a custom domain name, say 
"www.helloworld.com (http://www.helloworld.com)".
> > > > 
> > > > 
> > > > When I access the app at the native heroku URL, sessions work 
perfectly fine. When I access it atwww.helloworld.com 
(http://www.helloworld.com), they don't work. I assume that this is 
because the session cookie that Flask is signing is for the wrong domain.
> > > > 
> > > > I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to
'helloworld.com', but i t still only signs the session cookies for 
helloworld.herokuapp.com (http://helloworld.herokuapp.com).
> > > > 
> > > > Is there any way I can force the session cookies to sign as my 
custom domain?
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > Thanks,
> > > > 
> > > > Oliver
> > > > 
> > > > 
> > > > 
> > > > 
> > > 
> > > 
> > > 
> > > -- 
> > > Sent from my Android phone with K-9 Mail. Please excuse my brevity. 
> > 

Re: [flask] Broken sessions with custom heroku domain name

From:
Sean Whalen
Date:
2013-01-27 @ 20:02
I think message flashing needs cookies.


On Sun, Jan 27, 2013 at 2:24 PM, Oliver Song <osong@mit.edu> wrote:

> Markus,
>
> You were right about the SERVER_NAME variable- it requires the full URL '
> www.helloworld.com'.
> Knowing this, I just tried almost ever combination of the two lines,
>
> *app.config['SESSION_COOKIE_DOMAIN'] = x*
> *app.config['SERVER_NAME'] = y*
>
> Including x,y =
> **.helloworld.com, www.helloworld.com*
> *helloworld, www.helloworld.com*
> *www.helloworld.com, www.helloworld.com*
> *.helloworld.com, www.helloworld.com*
>
> I also tried excluding *SESSION_COOKIE_DOMAIN* and just setting '*
> SERVER_NAME*' to '*www.hellowo rld.com*'.
>
> Nothing seemed to allow session cookies to store properly on the
> www.helloworld.com domain.
>
> I'm starting to think I should just try implementing server-side sessions,
> along the lines of http://flask.pocoo.org/snippets/86/. I just hope that
> no other functionality relies on Flask storing cookies...
>
> Oliver
>
>  On Sunday, January 27, 2013 at 1:16 PM, Sean Whalen wrote:
>
> Try commenting out the SERVER_NAME line.
> On Jan 27, 2013 12:48 PM, "Oliver Song" <osong@mit.edu> wrote:
>
>  Markus,
>
> After doing that, the good news is that something changed; the bad news is
> that everything is 404'ing now.
>
> This is what my config looks like:
>
> *app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com'*
> *app.config['SERVER_NAME'] = 'helloworld.com'*
>
> It seems like the client tries to get all assets from '*
> http://www.helloworld.com/static/[whatever]*'. What's weird is that when
> I navigate to '*www.helloworld.com*' it actually hits an unstyled 404
> page that I have for my app. Which means it's hitting the application, but
> it doesn't know what route '/' is??
>
> Oliver
>
> On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
>
> Oliver,
>
> It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
>
> -- Markus
>
> Oliver Song <osong@mit.edu> wrote:
>
>  I have a Flask application hosted on Heroku, and the Heroku instance
> (say, "helloworld.herokuapp.com") has a custom domain name, say "
> www.helloworld.com".
>
> When I access the app at the native heroku URL, sessions work perfectly
> fine. When I access it atwww.helloworld.com, they don't work. I assume
> that this is because the session cookie that Flask is signing is for the
> wrong domain.
>
> I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to '
> helloworld.com', but i t still only signs the session cookies for
> helloworld.herokuapp.com.
>
> Is there any way I can force the session cookies to sign as my custom
> domain?
>
>
> Thanks,
>
> Oliver
>
>
> --
> Sent from my Android phone with K-9 Mail. Please excuse my brevity.
>
>
>
>

Re: [flask] Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-28 @ 08:59
For the record, after implementing redis sessions, it became apparent that
the problem was with Heroku. They have some strange routing behavior going
on with apps assigned with custom domains that somehow breaks domain 
cookies. I switched to Amazon EC2 and everything works as expected.

Thanks for all the help Markus and Sean!

Oliver 


On Sunday, January 27, 2013 at 3:02 PM, Sean Whalen wrote:

> I think message flashing needs cookies.
> 
> 
> On Sun, Jan 27, 2013 at 2:24 PM, Oliver Song <osong@mit.edu 
(mailto:osong@mit.edu)> wrote:
> > Markus,
> > 
> > You were right about the SERVER_NAME variable- it requires the full 
URL 'www.helloworld.com (http://www.helloworld.com)'.
> > Knowing this, I just tried almost ever combination of the two lines,
> > 
> > app.config['SESSION_COOKIE_DOMAIN'] = x
> > app.config['SERVER_NAME'] = y
> > 
> > 
> > Including x,y =
> > *.helloworld.com (http://helloworld.com), www.helloworld.com 
(http://www.helloworld.com)
> > helloworld, www.helloworld.com (http://www.helloworld.com)
> > www.helloworld.com (http://www.helloworld.com), www.helloworld.com 
(http://www.helloworld.com)
> > .helloworld.com (http://helloworld.com), www.helloworld.com 
(http://www.helloworld.com)
> > 
> > I also tried excluding SESSION_COOKIE_DOMAIN and just setting 
'SERVER_NAME' to 'www.hellowo (http://www.hellowo) rld.com 
(http://rld.com)'.
> > 
> > Nothing seemed to allow session cookies to store properly on the 
www.helloworld.com (http://www.helloworld.com) domain. 
> > 
> > I'm starting to think I should just try implementing server-side 
sessions, along the lines of http://flask.pocoo.org/snippets/86/. I just 
hope that no other functionality relies on Flask storing cookies... 
> > 
> > Oliver
> > 
> > 
> > On Sunday, January 27, 2013 at 1:16 PM, Sean Whalen wrote:
> > 
> > > Try commenting out the SERVER_NAME line. 
> > > On Jan 27, 2013 12:48 PM, "Oliver Song" <osong@mit.edu 
(mailto:osong@mit.edu)> wrote:
> > > > Markus, 
> > > > 
> > > > After doing that, the good news is that something changed; the bad
news is that everything is 404'ing now.
> > > > 
> > > > This is what my config looks like:
> > > > 
> > > > app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com 
(http://helloworld.com)'
> > > > app.config['SERVER_NAME'] = 'helloworld.com (http://helloworld.com)'
> > > > 
> > > > 
> > > > It seems like the client tries to get all assets from 
'http://www.helloworld.com/static/[whatever] 
(http://www.helloworld.com/static/%5Bwhatever%5D)'. What's weird is that 
when I navigate to 'www.helloworld.com (http://www.helloworld.com)' it 
actually hits an unstyled 404 page that I have for my app. Which means 
it's hitting the application, but it doesn't know what route '/' is?? 
> > > > 
> > > > Oliver 
> > > > 
> > > > On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
> > > > 
> > > > > Oliver,
> > > > > 
> > > > > It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
> > > > > 
> > > > > -- Markus
> > > > > 
> > > > > Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
> > > > > > 
> > > > > > I have a Flask application hosted on Heroku, and the Heroku 
instance (say, "helloworld.herokuapp.com 
(http://helloworld.herokuapp.com)") has a custom domain name, say 
"www.helloworld.com (http://www.helloworld.com)".
> > > > > > 
> > > > > > 
> > > > > > When I access the app at the native heroku URL, sessions work 
perfectly fine. When I access it atwww.helloworld.com 
(http://www.helloworld.com), they don't work. I assume that this is 
because the session cookie that Flask is signing is for the wrong domain.
> > > > > > 
> > > > > > I tried assigning app.SESSION_COOKIE_DOMAIN and 
app.SERVER_NAME to 'helloworld.com', but i t still only signs the session 
cookies for helloworld.herokuapp.com (http://helloworld.herokuapp.com).
> > > > > > 
> > > > > > Is there any way I can force the session cookies to sign as my
custom domain?
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > Thanks,
> > > > > > 
> > > > > > Oliver
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > -- 
> > > > > Sent from my Android phone with K-9 Mail. Please excuse my brevity. 
> > > > 
> > 
> 

Re: [flask] Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-27 @ 17:44
More info: 

I removed the 'SERVER_NAME' config, and now the application serves 
correctly, but I have the same problem as before.

Even though the perm is set, cookies don't seem to be correctly setting 
for domain '.helloworld.com'. I don't see any session variables being set 
while on the site.

Is there any way I can manually set the session on the live site and try 
to verify whether it sets?

Thanks,
Oliver


On Sunday, January 27, 2013 at 12:39 PM, Oliver Song wrote:

> Markus, 
> 
> After doing that, the good news is that something changed; the bad news 
is that everything is 404'ing now.
> 
> This is what my config looks like:
> 
> app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com (http://helloworld.com)'
> app.config['SERVER_NAME'] = 'helloworld.com (http://helloworld.com)'
> 
> 
> It seems like the client tries to get all assets from 
'http://www.helloworld.com/static/[whatever]'. What's weird is that when I
navigate to 'www.helloworld.com (http://www.helloworld.com)' it actually 
hits an unstyled 404 page that I have for my app. Which means it's hitting
the application, but it doesn't know what route '/' is??
> 
> Oliver 
> 
> On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
> 
> > Oliver,
> > 
> > It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
> > 
> > -- Markus
> > 
> > Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
> > > 
> > > I have a Flask application hosted on Heroku, and the Heroku instance
(say, "helloworld.herokuapp.com (http://helloworld.herokuapp.com)") has a 
custom domain name, say "www.helloworld.com (http://www.helloworld.com)".
> > > 
> > > 
> > > When I access the app at the native heroku URL, sessions work 
perfectly fine. When I access it atwww.helloworld.com 
(http://www.helloworld.com), they don't work. I assume that this is 
because the session cookie that Flask is signing is for the wrong domain.
> > > 
> > > 
> > > I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to 
'helloworld.com (http://helloworld.com)', but i t still only signs the 
session cookies for helloworld.herokuapp.com 
(http://helloworld.herokuapp.com).
> > > 
> > > 
> > > Is there any way I can force the session cookies to sign as my 
custom domain?
> > > 
> > > 
> > > 
> > > 
> > > 
> > > 
> > > Thanks,
> > > 
> > > 
> > > Oliver
> > > 
> > > 
> > > 
> > > 
> > 
> > 
> > 
> > -- 
> > Sent from my Android phone with K-9 Mail. Please excuse my brevity. 
> 

Re: [flask] Broken sessions with custom heroku domain name

From:
Oliver Song
Date:
2013-01-27 @ 18:07
Sorry for the spam, but more info: 

I tried going to 'helloworld.herokuapp.com' and it looks like session 
cookies aren't being set for that domain anymore. So the 
SESSION_COOKIE_DOMAIN is definitely working, it just isn't setting it to 
the correct domain. Any ideas on the correct syntax?

Thanks,
Oliver


On Sunday, January 27, 2013 at 12:44 PM, Oliver Song wrote:

> More info: 
> 
> I removed the 'SERVER_NAME' config, and now the application serves 
correctly, but I have the same problem as before.
> 
> Even though the perm is set, cookies don't seem to be correctly setting 
for domain '.helloworld.com (http://helloworld.com)'. I don't see any 
session variables being set while on the site.
> 
> Is there any way I can manually set the session on the live site and try
to verify whether it sets?
> 
> Thanks,
> Oliver
> 
> On Sunday, January 27, 2013 at 12:39 PM, Oliver Song wrote:
> 
> > Markus, 
> > 
> > After doing that, the good news is that something changed; the bad 
news is that everything is 404'ing now.
> > 
> > This is what my config looks like:
> > 
> > app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com 
(http://helloworld.com)'
> > app.config['SERVER_NAME'] = 'helloworld.com (http://helloworld.com)'
> > 
> > 
> > It seems like the client tries to get all assets from 
'http://www.helloworld.com/static/[whatever]'. What's weird is that when I
navigate to 'www.helloworld.com (http://www.helloworld.com)' it actually 
hits an unstyled 404 page that I have for my app. Which means it's hitting
the application, but it doesn't know what route '/' is??
> > 
> > Oliver 
> > 
> > On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
> > 
> > > Oliver,
> > > 
> > > It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on app.
> > > 
> > > -- Markus
> > > 
> > > Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
> > > > 
> > > > I have a Flask application hosted on Heroku, and the Heroku 
instance (say, "helloworld.herokuapp.com 
(http://helloworld.herokuapp.com)") has a custom domain name, say 
"www.helloworld.com (http://www.helloworld.com)".
> > > > 
> > > > 
> > > > When I access the app at the native heroku URL, sessions work 
perfectly fine. When I access it atwww.helloworld.com 
(http://www.helloworld.com), they don't work. I assume that this is 
because the session cookie that Flask is signing is for the wrong domain.
> > > > 
> > > > 
> > > > I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to
'helloworld.com (http://helloworld.com)', but i t still only signs the 
session cookies for helloworld.herokuapp.com 
(http://helloworld.herokuapp.com).
> > > > 
> > > > 
> > > > Is there any way I can force the session cookies to sign as my 
custom domain?
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > 
> > > > Thanks,
> > > > 
> > > > 
> > > > Oliver
> > > > 
> > > > 
> > > > 
> > > > 
> > > 
> > > 
> > > 
> > > -- 
> > > Sent from my Android phone with K-9 Mail. Please excuse my brevity. 
> > 
> 

Re: [flask] Broken sessions with custom heroku domain name

From:
Markus Unterwaditzer
Date:
2013-01-27 @ 17:52
Oliver,

I think you have to set these config variables to the exact subdomain, 
which in your case is www.helloworld.com, not just helloworld.com.

-- Markus

Oliver Song <osong@mit.edu> wrote:

>Markus, 
>
>After doing that, the good news is that something changed; the bad news
>is that everything is 404'ing now.
>
>This is what my config looks like:
>
>app.config['SESSION_COOKIE_DOMAIN'] = '.helloworld.com'
>app.config['SERVER_NAME'] = 'helloworld.com'
>
>
>It seems like the client tries to get all assets from
>'http://www.helloworld.com/static/[whatever]'. What's weird is that
>when I navigate to 'www.helloworld.com' it actually hits an unstyled
>404 page that I have for my app. Which means it's hitting the
>application, but it doesn't know what route '/' is??
>
>Oliver 
>
>
>On Sunday, January 27, 2013 at 3:24 AM, Markus Unterwaditzer wrote:
>
>> Oliver,
>> 
>> It's app.config['SESSION_COOKIE_DOMAIN'], not just an attribute on
>app.
>> 
>> -- Markus
>> 
>> Oliver Song <osong@mit.edu (mailto:osong@mit.edu)> wrote:
>> > 
>> > I have a Flask application hosted on Heroku, and the Heroku
>instance (say, "helloworld.herokuapp.com
>(http://helloworld.herokuapp.com)") has a custom domain name, say
>"www.helloworld.com (http://www.helloworld.com)".
>> > 
>> > 
>> > When I access the app at the native heroku URL, sessions work
>perfectly fine. When I access it atwww.helloworld.com
>(http://www.helloworld.com), they don't work. I assume that this is
>because the session cookie that Flask is signing is for the wrong
>domain.
>> > 
>> > 
>> > I tried assigning app.SESSION_COOKIE_DOMAIN and app.SERVER_NAME to
>'helloworld.com (http://helloworld.com)', but i t still only signs the
>session cookies for helloworld.herokuapp.com
>(http://helloworld.herokuapp.com).
>> > 
>> > 
>> > Is there any way I can force the session cookies to sign as my
>custom domain?
>> > 
>> > 
>> > 
>> > 
>> > 
>> > 
>> > Thanks,
>> > 
>> > 
>> > Oliver
>> > 
>> > 
>> > 
>> > 
>> 
>> 
>> 
>> -- 
>> Sent from my Android phone with K-9 Mail. Please excuse my brevity. 

-- 
Sent from my phone. Please excuse my brevity.