From 88f16c04211234cc3b06b14d21703e7ac21b86e5 Mon Sep 17 00:00:00 2001
From: Janis Hutz <development@janishutz.com>
Date: Thu, 27 Jul 2023 14:26:29 +0200
Subject: [PATCH] add cookie security settings

---
 src/server/app.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/server/app.js b/src/server/app.js
index 8707696..d1e0ecb 100644
--- a/src/server/app.js
+++ b/src/server/app.js
@@ -67,7 +67,9 @@ app.use( expressSession( {
     resave: true,
     saveUninitialized: true,
     cookie: {
-        sameSite: 'none'
+        sameSite: 'none',
+        httpOnly: true,
+        secure: true,
     }
 } ) );