From 35144b34c2c9fd43ffca04e5e213cc65794593a6 Mon Sep 17 00:00:00 2001 From: "Philip H." <47042125+pheiduck@users.noreply.github.com> Date: Sat, 2 Dec 2023 23:38:28 +0000 Subject: [PATCH] fixup: some security stuff --- src/lib/Server.js | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/lib/Server.js b/src/lib/Server.js index d0b0baec..b91efc04 100644 --- a/src/lib/Server.js +++ b/src/lib/Server.js @@ -31,6 +31,9 @@ module.exports = class Server { secret: crypto.randomBytes(256).toString('hex'), resave: true, saveUninitialized: true, + cookie: { + httpOnly: true, + }, })) .get('/api/release', (Util.promisify(async () => {