Skip to content

Mark CSRF cookie secure on direct TLS#735

Merged
asim merged 1 commit into
mainfrom
codex/increment-734
Jun 29, 2026
Merged

Mark CSRF cookie secure on direct TLS#735
asim merged 1 commit into
mainfrom
codex/increment-734

Conversation

@asim

@asim asim commented Jun 29, 2026

Copy link
Copy Markdown
Member

Summary

  • mark CSRF cookies Secure for requests served directly over TLS, not only behind X-Forwarded-Proto=https
  • add regression coverage for HTTPS requests generated by httptest

Closes #734

@asim asim added the codex Created by Codex label Jun 29, 2026
@asim asim merged commit badd3b2 into main Jun 29, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

codex Created by Codex

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Continuous improvement increment #51

2 participants