Updated cookie with XSS and CSRF best practices (#103)

roost.tools / coop

fork

Mirror of https://github.com/roostorg/coop github.com/roostorg/coop

fork

Co-authored-by: Mac <mac@Macs-MacBook-Pro.local>

authored by

mac-df

Mac and committed by

GitHub 2 months ago 5d9ce1eb bb4d6ac3

1 changed file

expand all

server

api.ts

server/api.ts

··· 128 128 store: new sessionStore({ conString: connectionString }), 129 129 cookie: { 130 130 secure: process.env.NODE_ENV === 'production', 131 + httpOnly: true, 132 + sameSite: 'lax', 131 133 // 30 Days in milliseconds 132 134 maxAge: 30 * 24 * 60 * 60 * 1000, 133 135 },

Configure Feed

Configure Feed