projects / project / luci.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #1769 from jow-/master
[project/luci.git] / modules / luci-base / luasrc / dispatcher.lua
diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index baaa95a..45e1e30 100644 (file)
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -429,7 +429,9 @@ function dispatch(request)
                                return
                        end
 
-                       http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+                       http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+                               sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+                       })
                        http.redirect(build_url(unpack(ctx.requestpath)))
                end
 
Lua Configuration Interface (mirror)