sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-12 03:54:34 +00:00
Code Issues Projects Releases Wiki Activity

fix(security): missing cookie flags are added

Browse Source
This commit is contained in:
Saad Jutt
2022-07-20 01:40:31 +05:00
parent 1b234eb2b1
commit 526402fd73
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
api/src/routes/web/web.ts
View File

@@ -1,4 +1,5 @@
import express from 'express' import express from 'express'
import { cookieOptions } from '../../app'
import { WebController } from '../../controllers/web' import { WebController } from '../../controllers/web'
import { authenticateAccessToken, desktopRestrict } from '../../middlewares' import { authenticateAccessToken, desktopRestrict } from '../../middlewares'
import { authorizeValidation, loginWebValidation } from '../../utils' import { authorizeValidation, loginWebValidation } from '../../utils'
@@ -13,7 +14,7 @@ webRouter.get('/', async (req, res) => {
} catch (_) { } catch (_) {
response = 'Web Build is not present' response = 'Web Build is not present'
} finally { } finally {
res.cookie('XSRF-TOKEN', req.csrfToken()) res.cookie('XSRF-TOKEN', req.csrfToken(), cookieOptions)
return res.send(response) return res.send(response)
} }