gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix(api): csrf over http in development (#39114)

Browse Source
This commit is contained in:
Oliver Eyton-Williams
2020-06-22 12:27:20 +02:00
committed by GitHub
parent 0116afd18b
commit 5a80b83579
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api-server/server/middlewares/csurf.js
View File

@ -5,7 +5,7 @@ export default function() {
cookie: { cookie: {
domain: process.env.COOKIE_DOMAIN || 'localhost', domain: process.env.COOKIE_DOMAIN || 'localhost',
sameSite: 'strict', sameSite: 'strict',
secure: true secure: process.env.FREECODECAMP_NODE_ENV === 'production'
} }
}); });
return function csrf(req, res, next) { return function csrf(req, res, next) {