deblan-mirror/sncf
1
0
Fork 0
mirror of https://git.42l.fr/neil/sncf.git synced 2024-04-25 02:50:27 +02:00
Code Issues Releases Wiki Activity

adding Secure cookie param to sncf_admin_token and sncf_csrf_cookie

Browse source
This commit is contained in:
neil 2021-04-12 20:39:47 +02:00
parent 240baca044
commit 6e231a73b6
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/forward.rs
View file

@ -317,7 +317,7 @@ pub async fn forward_register(
.content_type("text/html")
.set_header(
"Set-Cookie",
format!("sncf_admin_token={}; HttpOnly; SameSite=Strict", &token),
format!("sncf_admin_token={}; HttpOnly; Secure; SameSite=Strict", &token),
)
.body(
TplLink {
@ -381,7 +381,7 @@ pub async fn index(req: HttpRequest) -> Result<HttpResponse, TrainCrash> {
.set_header(
"Set-Cookie",
format!(
"sncf_csrf_cookie={}; HttpOnly; SameSite=Strict",
"sncf_csrf_cookie={}; HttpOnly; Secure; SameSite=Strict",
base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)
),
)