
Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706)

SagePtr
2018-08-14 22:16:37 +02:00
committed by Lauris BH
parent ca112f0a04
commit 0449330dbc
4 changed files with 26 additions and 25 deletions


@@ -45,13 +45,13 @@ func SignInOpenID(ctx *context.Context) {
redirectTo := ctx.Query("redirect_to")
if len(redirectTo) > 0 {
ctx.SetCookie("redirect_to", redirectTo, 0, setting.AppSubURL)
ctx.SetCookie("redirect_to", redirectTo, 0, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
} else {
redirectTo, _ = url.QueryUnescape(ctx.GetCookie("redirect_to"))
}
if isSucceed {
ctx.SetCookie("redirect_to", "", -1, setting.AppSubURL)
ctx.SetCookie("redirect_to", "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
ctx.RedirectToFirst(redirectTo)
return
}
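Review bot: The two new `ctx.SetCookie` calls pass domain, Secure and HttpOnly as bare positional values (`"", setting.SessionConfig.Secure, true`), so a reader cannot tell which argument is which flag. SetCookie's signature is not visible here; if it takes these as untyped variadic options, a swapped or omitted value would compile and silently drop the attribute. I would add `// args: maxAge, path, domain, secure, httpOnly` above the first call, or move the attributes into one small helper so every call site in the four changed files sets the same flags. The clearing call with `-1` keeps the same path and domain as the setting call, which it needs in order to remove the cookie. SignInOpenID starts before this hunk and continues after it.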