X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=modules%2Fluci-base%2Fluasrc%2Fdispatcher.lua;h=45e1e308f8f6ddebddbc7ee7534e1f677443d9e6;hp=baaa95ad79604c0d012a144d8374fd9c5ab6388d;hb=828202ef5237f48e6f53d15ca198e2c6815b7cd7;hpb=9f796fad3a0cc89df57d4e27ef6d7223a093071c;ds=sidebyside

diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index baaa95ad7..45e1e308f 100644
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -429,7 +429,9 @@ function dispatch(request)
 				return
 			end
 
-			http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+			http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+				sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+			})
 			http.redirect(build_url(unpack(ctx.requestpath)))
 		end