mirror of
https://git.42l.fr/neil/sncf.git
synced 2024-05-23 10:52:14 +02:00
adding Secure cookie param to sncf_admin_token and sncf_csrf_cookie
This commit is contained in:
parent
240baca044
commit
6e231a73b6
|
@ -317,7 +317,7 @@ pub async fn forward_register(
|
||||||
.content_type("text/html")
|
.content_type("text/html")
|
||||||
.set_header(
|
.set_header(
|
||||||
"Set-Cookie",
|
"Set-Cookie",
|
||||||
format!("sncf_admin_token={}; HttpOnly; SameSite=Strict", &token),
|
format!("sncf_admin_token={}; HttpOnly; Secure; SameSite=Strict", &token),
|
||||||
)
|
)
|
||||||
.body(
|
.body(
|
||||||
TplLink {
|
TplLink {
|
||||||
|
@ -381,7 +381,7 @@ pub async fn index(req: HttpRequest) -> Result<HttpResponse, TrainCrash> {
|
||||||
.set_header(
|
.set_header(
|
||||||
"Set-Cookie",
|
"Set-Cookie",
|
||||||
format!(
|
format!(
|
||||||
"sncf_csrf_cookie={}; HttpOnly; SameSite=Strict",
|
"sncf_csrf_cookie={}; HttpOnly; Secure; SameSite=Strict",
|
||||||
base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)
|
base64::encode_config(&csrf_cookie.value(), base64::URL_SAFE_NO_PAD)
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue