From 876908eca156b33497665cb6954c318d2ad013ac Mon Sep 17 00:00:00 2001
From: Yorhel
Date: Thu, 16 Oct 2014 14:24:47 +0200
Subject: Set httponly flag on auth cookie
---
 lib/VNDB/Util/Auth.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'lib/VNDB/Util/Auth.pm')
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index 05bb1fd2..d6a35d1d 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -61,7 +61,7 @@ sub authLogin {
 $self->dbSessionAdd($self->{_auth}{id}, sha1 $token);
 $self->resRedirect($to, 'post');
- $self->resCookie(auth => $cookie, expires => time + 31536000); # keep the cookie for 1 year
+ $self->resCookie(auth => $cookie, httponly => 1, expires => time + 31536000); # keep the cookie for 1 year
 return 1;
 }
-- cgit v1.2.3
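Review bot: The new `resCookie` call in `authLogin` sets `httponly` but not `secure`, so a session cookie that lives for a year can still be sent over plain HTTP wherever the site is reachable without TLS. `httponly` only stops page scripts from reading the cookie; it does nothing for transport. If the login and authenticated pages are served over HTTPS, and assuming `resCookie` accepts a `secure` option the same way it accepts `httponly`, the call could become `$self->resCookie(auth => $cookie, httponly => 1, secure => 1, expires => time + 31536000);`. Any code that clears this cookie on logout should use matching attributes; that code and the start of `authLogin` are outside this hunk.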