Skip to content

Commit

Permalink
Set HttpOnly and Secure cookies in logout cookies
Browse files Browse the repository at this point in the history 
Signed-off-by: Eduardo Apolinario <[email protected]>
  • Loading branch information
@eapolinario
eapolinario committed Oct 24, 2024
1 parent 056749c commit cae154c
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions flyteadmin/auth/cookie.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,7 @@ func NewCsrfCookie() http.Cookie {
Value: csrfStateToken,
SameSite: http.SameSiteLaxMode,
HttpOnly: true,
Secure: true,
}
}

Expand Down
1 change: 1 addition & 0 deletions flyteadmin/auth/cookie_manager.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,7 @@ func (c *CookieManager) getLogoutCookie(name string) *http.Cookie {
Domain: c.domain,
MaxAge: 0,
HttpOnly: true,
Secure: true,
Expires: time.Now().Add(-1 * time.Hour),
}
}
Expand Down

0 comments on commit cae154c

Please sign in to comment.