flatpressblog / flatpress

FlatPress is a lightweight, easy-to-set-up flat-file blogging engine.
https://flatpress.org
GNU General Public License v2.0
185 stars 57 forks source link

Fixes: There is no Cookie Prefix on this cookie #245

Closed Fraenkiman closed 6 months ago

Fraenkiman commented 1 year ago

Fixes #155

fp-cookie

This prefix is the more relaxed in terms of the restrictions it applies but is still useful. You simply prefix your cookie and a compliant browser will enforce it:

Set-Cookie: __Secure-sess=123; path=/; Secure

The __secure prefix signals to the browser that the SecureAttribute is required.

In addition, the problem that you cannot log in to the admin area via a non-HTTPS connection has been fixed. Reported by @prbt2016 in #371. Many thanks also at this point. Also #375 was created as a suggestion.

azett commented 6 months ago

Worked into Branch issue371_httphttps - excellent work!