mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 15:14:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Set secure flag for non-session cookies

Browse source 
This adds the secure flag to all cookies that are set
in the frontend for storing various settings.
If `SameSite=none` is set (like when embedding the instance is allowed),
 the `secure` flag is necessary to set any cookie.

Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2021-08-14 14:08:39 +02:00
parent 3175fe18b2
commit 7b00a59661
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
5 changed files with 29 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

3
public/js/locale.js
View file

@ -34,7 +34,8 @@ if (localeSelector.length > 0) {
localeSelector.change(function () {
Cookies.set('locale', $(this).val(), {
expires: 365,
sameSite: window.cookiePolicy
sameSite: window.cookiePolicy,
secure: window.location.protocol === 'https:'
})
window.location.reload()
})