Explicitly set 'http_only' to true
This commit is contained in:
parent
4656a07e9e
commit
18ad8aaecf
@ -50,6 +50,7 @@ defmodule Pleroma.Web.Endpoint do
|
|||||||
store: :cookie,
|
store: :cookie,
|
||||||
key: "_pleroma_key",
|
key: "_pleroma_key",
|
||||||
signing_salt: "CqaoopA2",
|
signing_salt: "CqaoopA2",
|
||||||
|
http_only: true,
|
||||||
secure:
|
secure:
|
||||||
Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
|
Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
|
||||||
extra: "SameSite=Strict"
|
extra: "SameSite=Strict"
|
||||||
|
Loading…
Reference in New Issue
Block a user