Cavemanon/haproxy-protection
8
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

samesite strict and secure in hcaptcha script set-cookie

Browse Source
This commit is contained in:
Thomas Lynch
2021-11-25 18:31:22 +11:00
parent c16a554754
commit 7b11645190
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/scripts/hcaptcha.lua
View File

@ -124,7 +124,7 @@ function _M.view(applet)
local floating_hash = utils.generate_secret(applet, hcaptcha_cookie_secret, true, nil)
applet:add_header(
"set-cookie",
string.format("z_ddos_captcha=%s; expires=Thu, 31-Dec-37 23:55:55 GMT; Path=/", floating_hash)
string.format("z_ddos_captcha=%s; expires=Thu, 31-Dec-37 23:55:55 GMT; Path=/; SameSite=Strict; Secure=true;", floating_hash)
)
-- else
-- core.Debug("HCAPTCHA FAILED: " .. json.encode(api_response))