make session cookies http only
authorPaul Hänsch <paul@plutz.net>
Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
committerPaul Hänsch <paul@plutz.net>
Sun, 18 Nov 2018 19:47:10 +0000 (20:47 +0100)
session.sh

index 2769328..3f3839a 100755 (executable)
@@ -64,5 +64,5 @@ update_session(){
 }
 
 SESSION_ID="$(update_session)"
-SET_COOKIE 0 "session=$SESSION_ID"
+SET_COOKIE 0 "session=$SESSION_ID" HttpOnly
 SESSION_ID="${SESSION_ID%%-*}"