Don't make cookies secure in no-tls mode

teleclimber / Dropserver

An application platform for your personal web services. https://dropserver.org

Apache License 2.0

42 stars 1 forks source link

Closed teleclimber closed 1 year ago

teleclimber commented 2 years ago

When using no-tls: true in config to load ds without TLS, the cookies that ds sends back have the Secure flag. This obviously doesn't work.

Only put the secure flag if no-tls is false.

teleclimber commented 1 year ago

It seems this has been fixed for a while.