add cookie security settings

2025-11-25 05:14:23 +00:00 · 2023-07-27 14:26:29 +02:00
parent a2dac4bbbb
commit 88f16c0421
1 changed files with 3 additions and 1 deletions
--- a/src/server/app.js
+++ b/src/server/app.js
@@ -67,7 +67,9 @@ app.use( expressSession( {
    resave: true,
    saveUninitialized: true,
    cookie: {
-        sameSite: 'none'
+        sameSite: 'none',
        httpOnly: true,
        secure: true,
    }
 } ) );