Add secure/httpOnly attributes to the lang cookie (#9690) (#14279)

2025-06-03 05:58:46 +03:00 · 2021-01-07 14:40:24 +01:00
parent 3c96a37162
commit c1e30c9a84
1 changed files with 9 additions and 7 deletions
--- a/routers/routes/macaron.go
+++ b/routers/routes/macaron.go
@ -89,6 +89,8 @@ func NewMacaron() *macaron.Macaron {
 		Names:          setting.Names,
 		DefaultLang:    "en-US",
 		Redirect:       false,
+		CookieHttpOnly: true,
+		Secure:         setting.SessionConfig.Secure,
 		CookieDomain:   setting.SessionConfig.Domain,
 	}))
 	m.Use(cache.Cacher(cache.Options{