Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
Cookie security #3525
Cookie security, may it be able that you can set the cookies "httponly secure"? Right now I don't see a possibility to overwrite the cookie attributes.
I mean generally all cookies which are set.
No, but why should be there possibility to give this option?
It shouldn't be hard to set two extra header options.
You can enable this for session data yourself: https://github.com/gogits/gogs/blob/master/conf/app.ini#L243
dont send pull request
Aug 27, 2016
Regarding cookie security attributes, there are these three attributes right now:
I think both