summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--cmd/web.go7
-rw-r--r--modules/setting/setting.go1
2 files changed, 5 insertions, 3 deletions
diff --git a/cmd/web.go b/cmd/web.go
index 45f35a35af..83dfca4e67 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -97,9 +97,10 @@ func newMacaron() *macaron.Macaron {
Config: *setting.SessionConfig,
}))
m.Use(csrf.Generate(csrf.Options{
- Secret: setting.SecretKey,
- SetCookie: true,
- Header: "X-Csrf-Token",
+ Secret: setting.SecretKey,
+ SetCookie: true,
+ Header: "X-Csrf-Token",
+ CookiePath: setting.AppSubUrl,
}))
m.Use(toolbox.Toolboxer(m, toolbox.Options{
HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 321282df25..a1ab43d022 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -380,6 +380,7 @@ func newSessionService() {
SessionConfig = new(session.Config)
SessionConfig.ProviderConfig = strings.Trim(Cfg.MustValue("session", "PROVIDER_CONFIG"), "\" ")
SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
+ SessionConfig.CookiePath = AppSubUrl
SessionConfig.Secure = Cfg.MustBool("session", "COOKIE_SECURE")
SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
SessionConfig.Gclifetime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-19 22:46:03 +0000