Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)

* Add secure/httpOnly attributes to the lang cookie (#9690) (#14279) * apply to InitLocales() too Co-authored-by: Timo Gurr <timo.gurr@gmail.com>
4 years ago · fb656b5124
parent 4be59eb5d9
commit fb656b5124
2 changed files with 18 additions and 14 deletions
--- a/routers/init.go
+++ b/routers/init.go
@ -116,6 +116,8 @@ func InitLocales() {
 		Names:          setting.Names,
 		DefaultLang:    "en-US",
 		Redirect:       false,
 		CookieHttpOnly: true,
 		Secure:         setting.SessionConfig.Secure,
 		CookieDomain:   setting.SessionConfig.Domain,
 	})
 }
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@ -253,6 +253,8 @@ func NewMacaron() *macaron.Macaron {
 		Names:          setting.Names,
 		DefaultLang:    "en-US",
 		Redirect:       false,
 		CookieHttpOnly: true,
 		Secure:         setting.SessionConfig.Secure,
 		CookieDomain:   setting.SessionConfig.Domain,
 	}))
 	m.Use(cache.Cacher(cache.Options{