hedgedoc/src/lib
Sheogorath 8406f75bb7 Ensure session cookies are secure
While HSTS should take care of most of this, setting cookies to be
secure, and only applied on same site helps to improve situations where
for whatever reason, downgrade attacks are still a thing.

This patch adds the `sameSite` and `secure` to the session cookie and
this way prevents all accidents where a browser may not support HSTS
or HSTS is intentionally dropped.

Reference:
https://www.npmjs.com/package/express-session#cookiesecure

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-07-10 18:40:56 +08:00
..
config Add option for socket permissions 2020-06-20 23:04:38 +08:00
migrations Move lib and test into src directory 2020-05-22 14:19:05 +02:00
models Fix default permission 2020-06-20 20:37:05 +08:00
ot Move lib and test into src directory 2020-05-22 14:19:05 +02:00
utils Improve handling of termination signals 2020-06-27 19:40:31 +08:00
web Fix typescript error 2020-07-03 23:32:48 +08:00
workers Type fix in dmpWorker 2020-05-25 23:33:20 +02:00
app.ts Ensure session cookies are secure 2020-07-10 18:40:56 +08:00
csp.ts Move lib and test into src directory 2020-05-22 14:19:05 +02:00
errors.ts errors.ts: Convert require to import 2020-05-22 21:11:59 +02:00
history.ts Fix note history updating 🐛 2020-05-25 23:33:20 +02:00
letter-avatars.ts Merge branch 'pr-origin-365' into release/2.0.x 2020-05-22 16:21:17 +02:00
library-ext.d.ts More types for history, config/interfaces and Request.flash 2020-05-24 17:07:13 +02:00
logger.ts Move lib and test into src directory 2020-05-22 14:19:05 +02:00
realtime.ts Improve handling of termination signals 2020-06-27 19:40:31 +08:00
response.ts ESLint fixes for Notes 2020-05-22 21:11:58 +02:00