heimoshuiyu/gonic
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

add httponly, and samesite option to sessions

Browse Source 
closes #52
This commit is contained in:
sentriz
2020-03-31 16:33:01 +01:00
parent e84470861d
commit 32e7ac14d1
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/ctrladmin/ctrl.go
View File

@@ -98,11 +98,14 @@ func New(base *ctrlbase.Controller) *Controller {
})
tmplBase = extendFromPaths(tmplBase, prefixPartials)
tmplBase = extendFromPaths(tmplBase, prefixLayouts)
sessDB := gormstore.New(base.DB.DB, sessionKey)
sessDB.SessionOpts.HttpOnly = true
sessDB.SessionOpts.SameSite = http.SameSiteLaxMode
return &Controller{
Controller: base,
buffPool: bpool.NewBufferPool(64),
templates: pagesFromPaths(tmplBase, prefixPages),
sessDB: gormstore.New(base.DB.DB, sessionKey),
sessDB: sessDB,
}
}