Add 'secure' for cookies when SSL enabled

2018-07-18 19:29:03 -05:00 · 2018-07-18 19:29:03 -05:00 · 61e3c39ecd
parent 68d5ee95b3
commit 61e3c39ecd
1 changed files with 6 additions and 1 deletions
--- a/src/invidious.cr
+++ b/src/invidious.cr
@ -663,7 +663,12 @@ post "/login" do |env|
    host = URI.parse(env.request.headers["Host"]).host

    login.cookies.each do |cookie|
-      cookie.secure = false
+      if Kemal.config.ssl
+        cookie.secure = true
+      else
+        cookie.secure = false
+      end
+
      cookie.extension = cookie.extension.not_nil!.gsub(".youtube.com", host)
      cookie.extension = cookie.extension.not_nil!.gsub("Secure; ", "")
    end