Skip to content

Commit

Permalink
fix: HttpOnly always true in cookies
Browse files Browse the repository at this point in the history
  • Loading branch information
@davidby-influx
davidby-influx committed Dec 20, 2023
1 parent e01e707 commit 41cdc08
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion session/http_server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,7 +208,7 @@ func encodeCookieSession(w http.ResponseWriter, s *influxdb.Session, tlsEnabled
Path: "/api/", // since UI doesn't need it, limit cookie usage to API requests
Expires: s.ExpiresAt,
SameSite: http.SameSiteStrictMode,
HttpOnly: tlsEnabled,
HttpOnly: true,
Secure: tlsEnabled,
}

Expand Down

0 comments on commit 41cdc08

Please sign in to comment.