summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--modules/luci-base/luasrc/dispatcher.lua4
1 files changed, 3 insertions, 1 deletions
diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index 1984fc4ad2..38932afae7 100644
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -428,7 +428,9 @@ function dispatch(request)
return
end
- http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+ http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+ sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+ })
http.redirect(build_url(unpack(ctx.requestpath)))
end