Add secure flag to express-session cookies

2016-06-08 21:15:26 +02:00 · 2016-06-08 21:15:26 +02:00 · 4ea9c4f98d
parent 06ff023047
commit 4ea9c4f98d
1 changed files with 1 additions and 1 deletions
--- a/src/node/hooks/express/webaccess.js
+++ b/src/node/hooks/express/webaccess.js
@ -120,7 +120,7 @@ exports.expressConfigure = function (hook_name, args, cb) {
  }

  args.app.sessionStore = exports.sessionStore;
-  args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid' }));
+  args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid', proxy: true, cookie: { secure: true }}));

  args.app.use(cookieParser(settings.sessionKey, {}));