make session cookies http only

author Paul Hänsch <paul@plutz.net>

Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)

committer Paul Hänsch <paul@plutz.net>

Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
author Paul Hänsch <paul@plutz.net>
Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
committer Paul Hänsch <paul@plutz.net>
Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
diff --git a/session.sh b/session.sh

index 27693289adfe4d2163ef435a7cdf30a81e9d40e2..3f3839ae8b167975a5e5231582509c5484d1f025 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -64,5 +64,5 @@ update_session(){
  }
  
  SESSION_ID="$(update_session)"
-SET_COOKIE 0 "session=$SESSION_ID"
+SET_COOKIE 0 "session=$SESSION_ID" HttpOnly
  SESSION_ID="${SESSION_ID%%-*}"
author	Paul Hänsch <paul@plutz.net>
	Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
committer	Paul Hänsch <paul@plutz.net>
	Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)