server/beego
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX: After SessionRegenerateID, beegosessionID cookie's secure flag is missing (#5007)

Browse Source 
- Add cookie.Secure, cookie.Domain, cookie.SameSite
This commit is contained in:
Pengfei73
2022-07-04 21:37:03 +08:00
committed by GitHub
parent 7d8a2592db
commit a451f398a3
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
session/session.go
View File

@@ -328,6 +328,9 @@ func (manager *Manager) SessionRegenerateID(w http.ResponseWriter, r *http.Reque
cookie.Value = url.QueryEscape(sid)
cookie.HttpOnly = true
cookie.Path = "/"
cookie.Secure = manager.isSecure(r)
cookie.Domain = manager.config.Domain
cookie.SameSite = manager.config.CookieSameSite
}
if manager.config.CookieLifeTime > 0 {
cookie.MaxAge = manager.config.CookieLifeTime