fix siteid cookie to secure

2021-10-18 10:38:41 -04:00
parent 9e70cb193d
commit 5caac014df
27 changed files with 31 additions and 30 deletions
--- a/classes/misc/csrf.php
+++ b/classes/misc/csrf.php
@@ -33,7 +33,7 @@ class csrf {

                setcookie ( self::makeCookieName($page), $token->cookietoken, [
                    'expires' => $token->expiry,
-                    'secure' => false,
+                    'secure' => true,
                    'httponly' => true,
                    'samesite' => 'Strict',
                ]);