Skip to content

Commit

Permalink
Support secure mode for csrf cookie (#7)
Browse files Browse the repository at this point in the history 
Options struct has Secure flag for csrf cookie, but it's just ignored
and corresponding argument of SetCookie() is hardcodded to false.

This pass Options.Secure to SetCookie in csrf.Generate()

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
  • Loading branch information
@AleksandrBulyshchenko @unknwon
AleksandrBulyshchenko authored and unknwon committed Apr 26, 2018
1 parent 428b7c6 commit dadd171
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion csrf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -222,7 +222,7 @@ func Generate(options ...Options) macaron.Handler {
// FIXME: actionId.
x.Token = GenerateToken(x.Secret, x.ID, "POST")
if opt.SetCookie {
ctx.SetCookie(opt.Cookie, x.Token, 0, opt.CookiePath, "", false, opt.CookieHttpOnly, time.Now().AddDate(0, 0, 1))
ctx.SetCookie(opt.Cookie, x.Token, 0, opt.CookiePath, "", opt.Secure, opt.CookieHttpOnly, time.Now().AddDate(0, 0, 1))
}
}

Expand Down

0 comments on commit dadd171

Please sign in to comment.