stefan230/akkoma
1
0
Fork 0
forked from YokaiRick/akkoma
Code Pull requests Activity

Add __Host- prefix when secure flag is enabled

Browse source
This commit is contained in:
shibayashi 2018-11-13 00:32:38 +01:00
parent 0ce5623134
commit 87c76a9a2f
No known key found for this signature in database
GPG key ID: C10662A33EB28508
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
lib/pleroma/web/endpoint.ex
View file

@ -46,13 +46,18 @@ defmodule Pleroma.Web.Endpoint do
plug(Plug.MethodOverride)
plug(Plug.Head)
cookie_name =
if Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
do: "__Host-pleroma_key",
else: "pleroma_key"
# The session will be stored in the cookie and signed,
# this means its contents can be read but not tampered with.
# Set :encryption_salt if you would also like to encrypt it.
plug(
Plug.Session,
store: :cookie,
key: "_pleroma_key",
key: cookie_name,
signing_salt: "CqaoopA2",
http_only: true,
secure: