|
@@ -159,7 +159,7 @@ func main() {
|
159
|
159
|
store = sessions.NewCookieStore([]byte(*sessionKey))
|
160
|
160
|
store.Options = &sessions.Options{
|
161
|
161
|
MaxAge: 0,
|
162
|
|
- Secure: false, //true,
|
|
162
|
+ Secure: true, // Set to false for local development
|
163
|
163
|
HttpOnly: true,
|
164
|
164
|
SameSite: http.SameSiteStrictMode,
|
165
|
165
|
}
|
|
@@ -182,7 +182,7 @@ func main() {
|
182
|
182
|
r.HandleFunc("/solve", handleSolve).Methods("POST")
|
183
|
183
|
|
184
|
184
|
// If developing locally, you'll need to pass csrf.Secure(false) as an argument below.
|
185
|
|
- CSRF := csrf.Protect([]byte(*csrfKey), csrf.FieldName(csrfFieldName), csrf.Secure(false))
|
|
185
|
+ CSRF := csrf.Protect([]byte(*csrfKey), csrf.FieldName(csrfFieldName))
|
186
|
186
|
err := http.ListenAndServe(fmt.Sprintf(":%d", *port), CSRF(r))
|
187
|
187
|
if err != nil {
|
188
|
188
|
_, _ = fmt.Fprintf(os.Stderr, "Unable to listen on port %d: %s\n", *port, err.Error())
|