Always disable secure cookies in Balrog agent, because there's no poi…

…nt in just enabling them for localdev.
mozilla-releng · Jun 12, 2019 · 0bd427f · 0bd427f
1 parent 17353b9
commit 0bd427f
Showing 1 changed file with 2 additions and 5 deletions.
diff --git a/agent/balrogagent/client.py b/agent/balrogagent/client.py
@@ -69,11 +69,8 @@ async def request(api_root, path, auth0_secrets, method="GET", data={}, headers=
         # https, which means it won't send back the session token by default,
         # which breaks csrf token validation. Changing the cookies to insecure
         # will let them be sent back, but it's a horrible back.
-        # Checking for this specific api_root makes sure it's only enabled for
-        # our deployed environments.
-        if api_root == "http://localhost:81/api":
-            for c in client.cookie_jar:
-                c["secure"] = False
+        for c in client.cookie_jar:
+            c["secure"] = False
 
         logging.debug("Sending %s request to %s", method, url)
         async with client.request(method, url, data=json.dumps(data), headers=headers) as resp: