make session-cookie HttpOnly

closes #7041
Benjamin Neff 2016-08-31 01:22:52 +02:00 committed by Dennis Schubert
parent 28dd88543e
commit b3453c494e
No known key found for this signature in database
GPG key ID: 5A0304BEA7966D7E
2 changed files with 2 additions and 1 deletions


@ -3,6 +3,7 @@
## Refactor ## Refactor
* Indicate proper way to report bugs in the sidebar [#7039](https://github.com/diaspora/diaspora/pull/7039) * Indicate proper way to report bugs in the sidebar [#7039](https://github.com/diaspora/diaspora/pull/7039)
* Remove text color from notification mails and fix sender avatar [#7054](https://github.com/diaspora/diaspora/pull/7054) * Remove text color from notification mails and fix sender avatar [#7054](https://github.com/diaspora/diaspora/pull/7054)
* Make the session cookies HttpOnly again [#7041](https://github.com/diaspora/diaspora/pull/7041)
## Bug fixes ## Bug fixes
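Review bot: The new entry "Make the session cookies HttpOnly again" is filed under "## Refactor", but it changes a security-relevant cookie attribute and does not restructure any code. Consider moving it under "## Bug fixes", the next heading down, so that anyone scanning the release notes sees that the session cookie was not HttpOnly before this change.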


@ -1,3 +1,3 @@
# Be sure to restart your server when you modify this file. # Be sure to restart your server when you modify this file.
Diaspora::Application.config.session_store :cookie_store, key: '_diaspora_session', httponly: false Diaspora::Application.config.session_store :cookie_store, key: "_diaspora_session", httponly: true
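Review bot: No spec accompanies the switch to `httponly: true` on the `session_store` line; the two changed files are the changelog and this configuration file. The changelog words this as making the cookie HttpOnly "again", so a request spec asserting that the `Set-Cookie` header for `_diaspora_session` carries `HttpOnly` would keep the flag from being dropped a second time. It is also worth confirming that no client-side script reads `_diaspora_session` through `document.cookie`, since that access stops working once the flag is set.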