Session cookie is not secure

Rudloff / alltube

Web GUI for youtube-dl

GNU General Public License v3.0

2.96k stars 582 forks source link

Closed Rudloff closed 3 years ago

Rudloff commented 3 years ago

It should have the Secure and HttpOnly flags.

Rudloff commented 3 years ago

I added these attributes. I can't add the SameSite attribute until this is merged: https://github.com/auraphp/Aura.Session/pull/72