Fixes Console issue #400 (#401)

Previously cookie path was set to Path="/api", this was a performance improvement to tell the browser to send the cookie only to request with that prefix, however also consume endpoints on Path="/ws", since rfc6265 doesnt support multiple paths or regular expressions in the path field of a cookie we are back to use Path="/" which means send the cookie to all request under the current domain. Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>
minio · Nov 18, 2020 · f1db949 · f1db949
1 parent 761c652
commit f1db949
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/restapi/utils.go b/restapi/utils.go
@@ -109,7 +109,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
 	expiration := time.Now().Add(SessionDuration)
 
 	return http.Cookie{
-		Path:     "/api", // browser will send cookie only for HTTP request under api path
+		Path:     "/",
 		Name:     "token",
 		Value:    token,
 		MaxAge:   int(SessionDuration.Seconds()), // 45 minutes
@@ -125,7 +125,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
 
 func ExpireSessionCookie() http.Cookie {
 	return http.Cookie{
-		Path:     "/api", // browser will send cookie only for HTTP request under api path
+		Path:     "/",
 		Name:     "token",
 		Value:    "",
 		MaxAge:   -1,