summaryrefslogtreecommitdiff
path: root/packages/backend/src/queue/processors/CleanRemoteFilesProcessorService.ts
diff options
context:
space:
mode:
authordakkar <dakkar@thenautilus.net>2024-03-10 10:26:04 +0000
committerdakkar <dakkar@thenautilus.net>2024-03-10 10:26:04 +0000
commit6826e43ad7283472784223f85b6a7b04bfffd0d8 (patch)
treefe8843311dff9bbaee931db59665f2a856bf2e6a /packages/backend/src/queue/processors/CleanRemoteFilesProcessorService.ts
parentmerge: Feature/maybe nicer dockerfile (!463) (diff)
downloadsharkey-6826e43ad7283472784223f85b6a7b04bfffd0d8.tar.gz
sharkey-6826e43ad7283472784223f85b6a7b04bfffd0d8.tar.bz2
sharkey-6826e43ad7283472784223f85b6a7b04bfffd0d8.zip
make cookie a bit more secure - fixes #445
We can't make the cookie `HttpOnly` because we're setting it from Javascript, but I'm not sure it's worth the trouble to redesign that: `JSON.parse(localStorage.account).token` gives you the token anyway, hiding the cookie from JS won't offer much protection. At least we can mark is `Secure` (meaning, only send it over HTTPS) and _delete it on logout_ (it wasn't!)
Diffstat (limited to 'packages/backend/src/queue/processors/CleanRemoteFilesProcessorService.ts')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-04 22:09:52 +0000