heimoshuiyu/gonic
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

add httponly, and samesite option to sessions

Browse Source 
closes #52
This commit is contained in:
sentriz
2020-03-31 16:33:01 +01:00
parent e84470861d
commit 32e7ac14d1
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/ctrladmin/ctrl.go
View File

@@ -98,11 +98,14 @@ func New(base *ctrlbase.Controller) *Controller {
}) })
tmplBase = extendFromPaths(tmplBase, prefixPartials) tmplBase = extendFromPaths(tmplBase, prefixPartials)
tmplBase = extendFromPaths(tmplBase, prefixLayouts) tmplBase = extendFromPaths(tmplBase, prefixLayouts)
sessDB := gormstore.New(base.DB.DB, sessionKey)
sessDB.SessionOpts.HttpOnly = true
sessDB.SessionOpts.SameSite = http.SameSiteLaxMode
return &Controller{ return &Controller{
Controller: base, Controller: base,
buffPool: bpool.NewBufferPool(64), buffPool: bpool.NewBufferPool(64),
templates: pagesFromPaths(tmplBase, prefixPages), templates: pagesFromPaths(tmplBase, prefixPages),
sessDB: gormstore.New(base.DB.DB, sessionKey), sessDB: sessDB,
} }
} }