diff options
| author | nico <nico@lifeisabug.com> | 2018-11-22 18:09:04 +0100 |
|---|---|---|
| committer | syuilo <Syuilotan@yahoo.co.jp> | 2018-11-23 02:09:04 +0900 |
| commit | 2a0b62d26dd253779c0e02933259cf3fe35c5c99 (patch) | |
| tree | 3f720623dddd592104edf27340c9589f036692c1 /src/server/api/common | |
| parent | No cache /notes/:note (#3382) (diff) | |
| download | sharkey-2a0b62d26dd253779c0e02933259cf3fe35c5c99.tar.gz sharkey-2a0b62d26dd253779c0e02933259cf3fe35c5c99.tar.bz2 sharkey-2a0b62d26dd253779c0e02933259cf3fe35c5c99.zip | |
Fix #3343 (#3383)
Setting "X-Forwarded-Proto: https" in the SSL proxy is the correct way to do this
Diffstat (limited to 'src/server/api/common')
| -rw-r--r-- | src/server/api/common/signin.ts | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/server/api/common/signin.ts b/src/server/api/common/signin.ts index 8d44b377fe..3a5ba0ea04 100644 --- a/src/server/api/common/signin.ts +++ b/src/server/api/common/signin.ts @@ -9,8 +9,8 @@ export default function(ctx: Koa.Context, user: ILocalUser, redirect = false) { path: '/', domain: config.hostname, // SEE: https://github.com/koajs/koa/issues/974 - //secure: config.url.startsWith('https'), - secure: false, + // When using a SSL proxy it should be configured to add the "X-Forwarded-Proto: https" header + secure: config.url.startsWith('https'), httpOnly: false, expires: new Date(Date.now() + expires), maxAge: expires |