Add secure flag to express-session cookies

author: Stefan <mu.stefan@googlemail.com> 2016-06-08 21:15:26 +0200
committer: Stefan <mu.stefan@googlemail.com> 2016-06-08 21:15:26 +0200
commit: 4ea9c4f98ddabba231e59b9bd321ba1af0894552 (patch)
tree: b7fcfe602dce360278e7bf2a494490f908b1b34e /src/node
parent: 06ff0230474f9c3b5baa4e5827b897f42fe16213 (diff)
download: etherpad-lite-4ea9c4f98ddabba231e59b9bd321ba1af0894552.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js
index 2cafd271..80c21837 100644
--- a/src/node/hooks/express/webaccess.js
+++ b/src/node/hooks/express/webaccess.js
@@ -120,7 +120,7 @@ exports.expressConfigure = function (hook_name, args, cb) {
   }
 
   args.app.sessionStore = exports.sessionStore;
-  args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid' }));
+  args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid', proxy: true, cookie: { secure: true }}));
 
   args.app.use(cookieParser(settings.sessionKey, {}));
author	Stefan <mu.stefan@googlemail.com>	2016-06-08 21:15:26 +0200
committer	Stefan <mu.stefan@googlemail.com>	2016-06-08 21:15:26 +0200
commit	4ea9c4f98ddabba231e59b9bd321ba1af0894552 (patch)
tree	b7fcfe602dce360278e7bf2a494490f908b1b34e /src/node
parent	06ff0230474f9c3b5baa4e5827b897f42fe16213 (diff)
download	etherpad-lite-4ea9c4f98ddabba231e59b9bd321ba1af0894552.zip