Verified Commit 18ad8aae authored by shibayashi's avatar shibayashi

Explicitly set 'http_only' to true

parent 4656a07e
......@@ -50,6 +50,7 @@ defmodule Pleroma.Web.Endpoint do
store: :cookie,
key: "_pleroma_key",
signing_salt: "CqaoopA2",
http_only: true,
secure:
Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
extra: "SameSite=Strict"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment