Skip to content

Commit

Permalink
feat: set httpOnly based on DISABLE_HTTP_ONLY_COOKIE flag (#5448)
Browse files Browse the repository at this point in the history 
Co-authored-by: Pavel White <[email protected]>
  • Loading branch information
@paulo-rossy @pahaz
paulo-rossy and pahaz authored Nov 10, 2024
1 parent 30b98c2 commit 3059efc
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions packages/keystone/setup.utils.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ function prepareDefaultKeystoneConfig (conf) {
sameSite: HTTPS_REGEXP.test(conf.SERVER_URL) && conf.NODE_ENV === 'production' ? 'None' : 'Lax',
// NOTE(pahaz): Apollo server client doesn't work with secure=true! Need to research why
secure: HTTPS_REGEXP.test(conf.SERVER_URL) && conf.NODE_ENV === 'production',
httpOnly: conf.DISABLE_HTTP_ONLY_COOKIE !== 'true',
// 1000 * (Math.pow(2, 31) - 1) IS APPROXIMATELY 68 YEARS IN MILLISECONDS :)
maxAge: conf.COOKIE_MAX_AGE || 1000 * (Math.pow(2, 31) - 1),
},
Expand Down

0 comments on commit 3059efc

Please sign in to comment.