christoph/pamietnik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix session cookie: disable Secure flag for HTTP deployment
Some checks failed
Deploy to NAS / deploy (push) Failing after 2m12s
Details

Browse Source 
Secure: true requires HTTPS — cookie was not sent back on HTTP requests,
breaking the session after login.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Christoph K.
2026-04-07 17:28:42 +02:00
parent 36766592d3
commit 286b48247e
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/internal/api/webui.go
View File

@@ -106,7 +106,7 @@ func (ui *WebUI) HandlePostLogin(w http.ResponseWriter, r *http.Request) {
Value: sess.SessionID,
Path: "/",
HttpOnly: true,
Secure: true,
Secure: false,
SameSite: http.SameSiteLaxMode,
Expires: sess.ExpiresAt,
})