From 4ea9c4f98ddabba231e59b9bd321ba1af0894552 Mon Sep 17 00:00:00 2001 From: Stefan Date: Wed, 8 Jun 2016 21:15:26 +0200 Subject: [PATCH] Add secure flag to express-session cookies --- src/node/hooks/express/webaccess.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/node/hooks/express/webaccess.js b/src/node/hooks/express/webaccess.js index 2cafd2718..80c218375 100644 --- a/src/node/hooks/express/webaccess.js +++ b/src/node/hooks/express/webaccess.js @@ -120,7 +120,7 @@ exports.expressConfigure = function (hook_name, args, cb) { } args.app.sessionStore = exports.sessionStore; - args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid' })); + args.app.use(sessionModule({secret: exports.secret, store: args.app.sessionStore, resave: true, saveUninitialized: true, name: 'express_sid', proxy: true, cookie: { secure: true }})); args.app.use(cookieParser(settings.sessionKey, {}));