Improve cookie security

This commit is contained in:
Zed 2019-08-15 18:25:47 +02:00
parent 7dfbc16f4c
commit 11887b793a
3 changed files with 4 additions and 4 deletions

View File

@ -11,8 +11,8 @@ bin = @["nitter"]
# Dependencies # Dependencies
requires "nim >= 0.19.9" requires "nim >= 0.19.9"
requires "norm >= 1.0.11" requires "norm <= 1.0.11"
requires "jester >= 0.4.1" requires "jester >= 0.4.3"
requires "regex >= 0.11.2" requires "regex >= 0.11.2"
requires "q >= 0.0.7" requires "q >= 0.0.7"
requires "nimcrypto >= 0.3.9" requires "nimcrypto >= 0.3.9"

View File

@ -92,7 +92,7 @@ routes:
post "/saveprefs": post "/saveprefs":
var prefs = getCookiePrefs(request) var prefs = getCookiePrefs(request)
genUpdatePrefs() genUpdatePrefs()
setCookie("preferences", $prefs.id, daysForward(360)) setCookie("preferences", $prefs.id, daysForward(360), httpOnly=true, secure=true)
redirect("/settings") redirect("/settings")
get "/settings": get "/settings":

View File

@ -46,7 +46,7 @@ const prefList*: Table[string, seq[Pref]] = {
"Display": @[ "Display": @[
Pref(kind: checkbox, name: "hideTweetStats", Pref(kind: checkbox, name: "hideTweetStats",
label: "Hide tweet stats (replies, retweets, likes", label: "Hide tweet stats (replies, retweets, likes)",
defaultState: false), defaultState: false),
Pref(kind: checkbox, name: "hideBanner", label: "Hide profile banner", Pref(kind: checkbox, name: "hideBanner", label: "Hide profile banner",