diff options
author | Joris | 2020-02-28 11:29:31 +0100 |
---|---|---|
committer | Joris | 2020-02-28 11:29:45 +0100 |
commit | 80d0a1f5207378f80e7c851fba13396b6f78f785 (patch) | |
tree | fb2c7a9ea4e1c0edb83c3668b388fad4d2ad1d64 /server/src | |
parent | 1770604df99a2071163dd2e24cae0befca528749 (diff) |
Update login cookie to be http only
The login cookie should not be used from the client in JavaScript.
Diffstat (limited to 'server/src')
-rw-r--r-- | server/src/Cookie.hs | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/server/src/Cookie.hs b/server/src/Cookie.hs index f79a1fa..00d73f2 100644 --- a/server/src/Cookie.hs +++ b/server/src/Cookie.hs @@ -34,6 +34,7 @@ makeSimpleCookie conf name value = , setCookieValue = TS.encodeUtf8 value , setCookiePath = Just $ TS.encodeUtf8 "/" , setCookieSecure = Conf.https conf + , setCookieHttpOnly = True } setCookie :: (Monad m) => SetCookie -> ActionT e m () |