From: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon, 6 Sep 2021 17:07:45 +0000 (+0000)
Subject: cookie: Set secure attribute
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=abd1d7aabc3f781126459c2d8dd840d60dfa79c3;p=ipfire.org.git

cookie: Set secure attribute

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/web/auth.py b/src/web/auth.py
index d9bb703e..d633a94b 100644
--- a/src/web/auth.py
+++ b/src/web/auth.py
@@ -26,7 +26,7 @@ class AuthenticationMixin(CacheMixin):
 
 		# Send session cookie to the client
 		self.set_cookie("session_id", session_id,
-			domain=self.request.host, expires=session_expires)
+			domain=self.request.host, expires=session_expires, secure=True)
 
 	def logout(self):
 		session_id = self.get_cookie("session_id")