aboutsummaryrefslogtreecommitdiff
path: root/server.go
diff options
context:
space:
mode:
Diffstat (limited to 'server.go')
-rw-r--r--server.go5
1 files changed, 4 insertions, 1 deletions
diff --git a/server.go b/server.go
index 7a82d35..759a9bb 100644
--- a/server.go
+++ b/server.go
@@ -265,7 +265,8 @@ func (ctx *Context) SetSession(s *Session) {
cookie := http.Cookie{
Name: cookieName,
HttpOnly: true,
- // TODO: domain, secure
+ SameSite: http.SameSiteStrictMode,
+ Secure: ctx.IsTLS(),
}
if s != nil {
cookie.Value = s.token
@@ -285,6 +286,8 @@ func (ctx *Context) SetLoginToken(username, password string) {
Expires: time.Now().Add(30 * 24 * time.Hour),
Name: loginTokenCookieName,
HttpOnly: true,
+ SameSite: http.SameSiteStrictMode,
+ Secure: ctx.IsTLS(),
Path: "/login",
}
if username == "" {
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-18 15:28:55 +0000