sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-10 11:24:35 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #234 from sasjs/issue147

Browse Source 
fix(security): missing cookie flags are added
This commit is contained in:
Allan Bowe
2022-07-19 22:02:05 +01:00
committed by GitHub
parent 1b234eb2b1 526402fd73
commit cb84c3ebbb
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
api/src/routes/web/web.ts
View File

@@ -1,4 +1,5 @@
import express from 'express'
import { cookieOptions } from '../../app'
import { WebController } from '../../controllers/web'
import { authenticateAccessToken, desktopRestrict } from '../../middlewares'
import { authorizeValidation, loginWebValidation } from '../../utils'
@@ -13,7 +14,7 @@ webRouter.get('/', async (req, res) => {
} catch (_) {
response = 'Web Build is not present'
} finally {
res.cookie('XSRF-TOKEN', req.csrfToken())
res.cookie('XSRF-TOKEN', req.csrfToken(), cookieOptions)
return res.send(response)
}