Set secure flag for non-session cookies
This adds the secure flag to all cookies that are set in the frontend for storing various settings. If `SameSite=none` is set (like when embedding the instance is allowed), the `secure` flag is necessary to set any cookie. Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren
@@ -12,6 +12,7 @@
|
||||
### Bugfixes
|
||||
- Fix crash when trying to read the current Git commit on startup
|
||||
- Fix endless loop on shutdown when HedgeDoc can't connect to the database
|
||||
- Ensure that all cookies are set with the `secure` flag, if HedgeDoc is loaded via HTTPS
|
||||
|
||||
## <i class="fa fa-tag"></i> 1.8.2 <i class="fa fa-calendar-o"></i> 2021-05-11
|
||||
|
||||
|
||||
Reference in New Issue
Block a user