Permalink
Browse files

Always httpOnly session cookie

  • Loading branch information...
1 parent 6b13fc9 commit 92844825cbf4a42b81209197b00e68dc35f533bd @tj tj committed Mar 29, 2010
Showing with 2 additions and 1 deletion.
  1. +2 −1 lib/express/plugins/session.js
@@ -179,8 +179,9 @@ exports.Session = Plugin.extend({
*/
init: function(options) {
- this.cookie = { httpOnly: true }
+ this.cookie = {}
this.merge(options || {})
+ this.cookie.httpOnly = true
this.store = new (this.dataStore || exports.Store.Memory)(options)
this.startReaper()
},

0 comments on commit 9284482

Please sign in to comment.