mark redirect_to cookie as http only

closes #10829

mark redirect_to cookie as http only
closes #10829
0ab03439 · bergquist · aa902ef8 · 0ab03439
Commit 0ab03439 authored Feb 15, 2018 by bergquist
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletions

pkg/middleware/auth.go
+2 -1

No files found.
--- a/pkg/middleware/auth.go
+++ b/pkg/middleware/auth.go
@@ -51,7 +51,8 @@ func notAuthorized(c *Context) {
 		return
 	}

-	c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/")
+	c.SetCookie("redirect_to", url.QueryEscape(setting.AppSubUrl+c.Req.RequestURI), 0, setting.AppSubUrl+"/", nil, false, true)
+
 	c.Redirect(setting.AppSubUrl + "/login")
 }