rpms / pcs

Clone
Source Code
GIT

Blame SOURCES/secure-cookie.patch

c4 c5 c5-plus c6 c6-plus c7 c7-armhfp c7-beta c8 c8-beta c8-init-modify c8s c9 c9-beta
  1.   056f5b0e6e72e75255f347f7c587ea85dff47552
  2.   SOURCES
  3.   secure-cookie.patch
Blob History Raw
056f5b 
--- pcs-0.9.137/pcsd/pcsd.rb.secure_fix        2015-03-30 13:48:50.209887370 -0500
056f5b 
+++ pcs-0.9.137/pcsd/pcsd.rb   2015-03-30 13:50:47.321660377 -0500
056f5b 
@@ -32,7 +32,9 @@ end
056f5b
056f5b 
 use Rack::Session::Cookie,
056f5b 
   :expire_after => 60 * 60,
056f5b 
-  :secret => secret
056f5b 
+  :secret => secret,
056f5b 
+  :secure => true, # only send over HTTPS
056f5b 
+  :httponly => true # don't provide to javascript
056f5b
056f5b 
 #use Rack::SSL
056f5b
056f5b 
@@ -46,8 +48,6 @@ also_reload 'pcs.rb'
056f5b 
 also_reload 'auth.rb'
056f5b 
 also_reload 'wizard.rb'
056f5b
056f5b 
-enable :sessions
056f5b 
-
056f5b 
 before do
056f5b 
   $session = session
056f5b 
   $cookies = cookies

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation