From c2413ccfdde857074dbe20b2c5f8eb66b1f8f42d Mon Sep 17 00:00:00 2001 From: Zed Date: Mon, 19 Aug 2019 03:02:34 +0200 Subject: [PATCH] Set cookie security using useHttps config option --- src/config.nim | 1 + src/nitter.nim | 4 ++-- src/types.nim | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/config.nim b/src/config.nim index 7c2bbdf..2b2317f 100644 --- a/src/config.nim +++ b/src/config.nim @@ -15,6 +15,7 @@ proc getConfig*(path: string): Config = Config( address: cfg.get("Server", "address", "0.0.0.0"), port: cfg.get("Server", "port", 8080), + useHttps: cfg.get("Server", "https", true), title: cfg.get("Server", "title", "Nitter"), staticDir: cfg.get("Server", "staticDir", "./public"), diff --git a/src/nitter.nim b/src/nitter.nim index a985371..9a66357 100644 --- a/src/nitter.nim +++ b/src/nitter.nim @@ -89,13 +89,13 @@ routes: post "/saveprefs": var prefs = cookiePrefs() genUpdatePrefs() - setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=true) + setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=cfg.useHttps) redirect("/") post "/resetprefs": var prefs = cookiePrefs() resetPrefs(prefs) - setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=true) + setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=cfg.useHttps) redirect("/settings") get "/settings": diff --git a/src/types.nim b/src/types.nim index e254c4e..247a65c 100644 --- a/src/types.nim +++ b/src/types.nim @@ -167,6 +167,7 @@ type Config* = ref object address*: string port*: int + useHttps*: bool title*: string staticDir*: string cacheDir*: string