From cffe35e0e3acac7dd5b83cd7cbec9bc9ff1d17e4 Mon Sep 17 00:00:00 2001
From: Julian Hurst <ark@mansus.space>
Date: Fri, 13 Jan 2023 12:04:40 +0100
Subject: Secure cookie only https on qutebrowser

Apparently no localhost exception, so cookies are broken.
---
 main.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/main.go b/main.go
index b7e8e53..7681c86 100644
--- a/main.go
+++ b/main.go
@@ -264,7 +264,8 @@ func sendFlashError(w http.ResponseWriter, r *http.Request, url string, err erro
 		Name: "flasherror",
 		Value: str,
 		MaxAge: 0,
-		Secure: true,
+		// Only https on qutebrowser
+		//Secure: true,
 		HttpOnly: true,
 		SameSite: http.SameSiteStrictMode,
 	}
@@ -325,7 +326,8 @@ func login(w http.ResponseWriter, r *http.Request) {
 			Name: "session",
 			Value: bStr,
 			MaxAge: 0,
-			Secure: true,
+			// Only https on qutebrowser
+			//Secure: true,
 			HttpOnly: true,
 			SameSite: http.SameSiteStrictMode,
 		}
-- 
cgit v1.2.3