Mercurial Mercurial > pub > hg > cubicweb / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
web/application.py
changeset 10001 1245357b3b3e
parent 9897 fa44db7da2dc
child 10322 d7c33cbdce8b
child 10389 f9b06d03859f 
--- a/web/application.py	Fri Oct 17 18:16:58 2014 +0200
+++ b/web/application.py	Tue Jul 15 16:07:59 2014 +0200
@@ -224,7 +224,7 @@
         sessioncookie = self.session_cookie(req)
         secure = req.https and req.base_url().startswith('https://')
         req.set_cookie(sessioncookie, session.sessionid,
-                       maxage=None, secure=secure)
+                       maxage=None, secure=secure, httponly=True)
         if not session.anonymous_session:
             self.session_manager.postlogin(req, session)
         return session
cubicweb