Improve cookie security

This commit is contained in:
Zed 2019-08-15 18:25:47 +02:00
parent 7dfbc16f4c
commit 11887b793a
3 changed files with 4 additions and 4 deletions

View file

@ -11,8 +11,8 @@ bin = @["nitter"]
# Dependencies
requires "nim >= 0.19.9"
requires "norm >= 1.0.11"
requires "jester >= 0.4.1"
requires "norm <= 1.0.11"
requires "jester >= 0.4.3"
requires "regex >= 0.11.2"
requires "q >= 0.0.7"
requires "nimcrypto >= 0.3.9"

View file

@ -92,7 +92,7 @@ routes:
post "/saveprefs":
var prefs = getCookiePrefs(request)
genUpdatePrefs()
setCookie("preferences", $prefs.id, daysForward(360))
setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=true)
redirect("/settings")
get "/settings":

View file

@ -46,7 +46,7 @@ const prefList*: Table[string, seq[Pref]] = {
"Display": @[
Pref(kind: checkbox, name: "hideTweetStats",
label: "Hide tweet stats (replies, retweets, likes",
label: "Hide tweet stats (replies, retweets, likes)",
defaultState: false),
Pref(kind: checkbox, name: "hideBanner", label: "Hide profile banner",