domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)

Browse source
This commit is contained in:
SagePtr 2018-08-14 22:16:37 +02:00 committed by Lauris BH
parent ca112f0a04
commit 0449330dbc
4 changed files with 26 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

2
routers/user/setting/profile.go
View file

@ -103,7 +103,7 @@ func ProfilePost(ctx *context.Context, form auth.UpdateProfileForm) {
}
// Update the language to the one we just set
ctx.SetCookie("lang", ctx.User.Language, nil, setting.AppSubURL)
ctx.SetCookie("lang", ctx.User.Language, nil, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
log.Trace("User settings updated: %s", ctx.User.Name)
ctx.Flash.Success(i18n.Tr(ctx.User.Language, "settings.update_profile_success"))