aboutsummaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/setting/session.go1
-rw-r--r--modules/setting/setting.go5
2 files changed, 5 insertions, 1 deletions
diff --git a/modules/setting/session.go b/modules/setting/session.go
index 313c3c76b5..7009576ccb 100644
--- a/modules/setting/session.go
+++ b/modules/setting/session.go
@@ -34,6 +34,7 @@ func newSessionService() {
SessionConfig.Secure = Cfg.Section("session").Key("COOKIE_SECURE").MustBool(false)
SessionConfig.Gclifetime = Cfg.Section("session").Key("GC_INTERVAL_TIME").MustInt64(86400)
SessionConfig.Maxlifetime = Cfg.Section("session").Key("SESSION_LIFE_TIME").MustInt64(86400)
+ SessionConfig.Domain = Cfg.Section("session").Key("DOMAIN").String()
shadowConfig, err := json.Marshal(SessionConfig)
if err != nil {
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 7201f0619d..6a5c5a36d7 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -287,7 +287,8 @@ var (
// Time settings
TimeFormat string
- CSRFCookieName = "_csrf"
+ CSRFCookieName = "_csrf"
+ CSRFCookieHTTPOnly = true
// Mirror settings
Mirror struct {
@@ -781,6 +782,8 @@ func NewContext() {
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
PasswordHashAlgo = sec.Key("PASSWORD_HASH_ALGO").MustString("pbkdf2")
+ CSRFCookieHTTPOnly = sec.Key("CSRF_COOKIE_HTTP_ONLY").MustBool(true)
+
InternalToken = loadInternalToken(sec)
IterateBufferSize = Cfg.Section("database").Key("ITERATE_BUFFER_SIZE").MustInt(50)
LogSQL = Cfg.Section("database").Key("LOG_SQL").MustBool(true)
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-31 21:05:30 +0000