From 6e231a73b631a4f23084157d99afb84d26c2e552 Mon Sep 17 00:00:00 2001
From: neil <neil@noreply.example.org>
Date: Mon, 12 Apr 2021 20:39:47 +0200
Subject: [PATCH] adding Secure cookie param to sncf_admin_token and
 sncf_csrf_cookie

---
 src/forward.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/forward.rs b/src/forward.rs
index b7bd56c..8ce2650 100644
--- a/src/forward.rs
+++ b/src/forward.rs
@@ -317,7 +317,7 @@ pub async fn forward_register(
         .content_type("text/html")
         .set_header(
             "Set-Cookie",
-            format!("sncf_admin_token={}; HttpOnly; SameSite=Strict", &token),
+            format!("sncf_admin_token={}; HttpOnly; Secure; SameSite=Strict", &token),
         )
         .body(
             TplLink {
@@ -381,7 +381,7 @@ pub async fn index(req: HttpRequest) -> Result<HttpResponse, TrainCrash> {
         .set_header(
             "Set-Cookie",
             format!(
-                "sncf_csrf_cookie={}; HttpOnly; SameSite=Strict",
+                "sncf_csrf_cookie={}; HttpOnly; Secure; SameSite=Strict",
                 base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)
             ),
         )