Skip to content

Commit

Permalink
routers: set csrf-token security depending on COOKIE_SECURE
Browse files Browse the repository at this point in the history 
Signed-off-by: Aleksandr Bulyshchenko <[email protected]>
  • Loading branch information
@AleksandrBulyshchenko
AleksandrBulyshchenko committed Apr 30, 2018
1 parent be39cca commit 409cf99
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions routers/routes/routes.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,7 @@ func NewMacaron() *macaron.Macaron {
Secret: setting.SecretKey,
Cookie: setting.CSRFCookieName,
SetCookie: true,
Secure: setting.SessionConfig.Secure,
Header: "X-Csrf-Token",
CookiePath: setting.AppSubURL,
}))
Expand Down

0 comments on commit 409cf99

Please sign in to comment.