ae284d8
--- pcs-0.9.137/pcsd/pcsd.rb.secure_fix        2015-03-30 13:48:50.209887370 -0500
ae284d8
+++ pcs-0.9.137/pcsd/pcsd.rb   2015-03-30 13:50:47.321660377 -0500
ae284d8
@@ -31,7 +31,9 @@ end
ae284d8
 
ae284d8
 use Rack::Session::Cookie,
ae284d8
   :expire_after => 60 * 60,
ae284d8
-  :secret => secret
ae284d8
+  :secret => secret,
ae284d8
+  :secure => true, # only send over HTTPS
ae284d8
+  :httponly => true # don't provide to javascript
ae284d8
 
ae284d8
 #use Rack::SSL
ae284d8
 
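Review bot: The new `:secure => true` option assumes every client reaches pcsd over TLS, but `#use Rack::SSL` just below stays commented out, so nothing visible in this hunk enforces that. If a plain-HTTP listener or a TLS-terminating proxy is ever put in front of the daemon, browsers will withhold the cookie and logins will fail without an obvious error, so I would record the assumption above the `use` call, e.g. `# pcsd is served over HTTPS only; the session cookie is marked Secure and is never sent over plain HTTP`. Also note that `Secure` and `HttpOnly` do not stop the cookie from accompanying cross-site requests, so state-changing routes still need their own CSRF defence. Where `secret` comes from is outside the hunk; since it signs the client-side session it should be generated randomly per installation rather than fixed, which is worth confirming.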
ae284d8
@@ -45,8 +47,6 @@ also_reload 'pcs.rb'
ae284d8
 also_reload 'auth.rb'
ae284d8
 also_reload 'wizard.rb'
ae284d8
 
ae284d8
-enable :sessions
ae284d8
-
ae284d8
 before do
ae284d8
   $session = session
ae284d8
   $cookies = cookies