thepaperpilot/forgejo
1
0
Fork 0
Code Issues Pull requests Releases Activity Actions
forgejo/modules/setting
History
wxiaoguang 8f6d442a04
Use secure cookie for HTTPS sites (#26999) (#27013) 
Backport #26999

If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

(cherry picked from commit b0a405c5fa)
2023-09-20 12:50:46 +02:00
..
actions.go [CI] DEFAULT_ACTIONS_URL support for self & github (squash) 2023-07-19 14:34:38 +02:00
actions_test.go [CI] DEFAULT_ACTIONS_URL support for self & github (squash) 2023-07-19 14:34:38 +02:00
admin.go
api.go
asset_dynamic.go
asset_static.go
attachment.go
attachment_test.go
cache.go
camo.go
config_env.go Remove last newline from config file (#26468) (#26471) 2023-08-21 07:22:19 +02:00
config_env_test.go Remove last newline from config file (#26468) (#26471) 2023-08-21 07:22:19 +02:00
config_provider.go Fix INI parsing for value with trailing slash (#26995) (#27001) 2023-09-20 12:50:46 +02:00
config_provider_test.go Fix INI parsing for value with trailing slash (#26995) (#27001) 2023-09-20 12:50:46 +02:00
cors.go
cron.go
cron_test.go
database.go [GITEA] Add slow SQL query warning 2023-08-21 21:18:43 +02:00
database_sqlite.go
database_test.go
federation.go
forgejo_storage_test.go [TESTS] verify facts for the admin storage documentation (squash) 2023-08-31 15:32:22 +02:00
git.go
git_test.go
highlight.go
i18n.go
incoming_email.go
indexer.go
indexer_test.go
lfs.go Avoid writing config file if not installed (#26107) (#26113) 2023-08-21 07:22:15 +02:00
lfs_test.go Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154) 2023-07-30 07:42:53 +02:00
log.go Clarify the logger's MODE config option (#26267) (#26281) 2023-08-21 07:22:16 +02:00
log_test.go
mailer.go
mailer_test.go
markup.go
metrics.go
migrations.go
mime_type_map.go
mirror.go
oauth2.go
other.go
packages.go Avoid creating directories when loading config (#25944) (#25957) 2023-07-24 07:58:56 +02:00
packages_test.go
path.go Update path related documents (#25417) (#25982) 2023-07-24 07:58:56 +02:00
path_test.go [BRANDING] alias {FORGEJO,GITEA}_{CUSTOM,WORK_DIR} 2023-07-17 00:25:56 +02:00
picture.go
project.go
proxy.go
queue.go Calculate MAX_WORKERS default value by CPU number (#26177) (#26183) 2023-07-30 07:46:18 +02:00
repository.go
repository_archive.go
repository_archive_test.go
security.go
server.go
service.go Fix some slice append usages (#26778) (#26798) 2023-09-08 08:09:18 +02:00
service_test.go Fix allowed user types setting problem (#26200) (#26206) 2023-07-30 07:46:19 +02:00
session.go Use secure cookie for HTTPS sites (#26999) (#27013) 2023-09-20 12:50:46 +02:00
setting.go [SEMVER] store SemVer in ForgejoSemVer after a database upgrade 2023-08-21 07:22:18 +02:00
setting_test.go
ssh.go
storage.go Fix storage path logic especially for relative paths (#26441) (#26481) 2023-08-21 07:22:19 +02:00
storage_test.go Fix storage path logic especially for relative paths (#26441) (#26481) 2023-08-21 07:22:19 +02:00
task.go
time.go
ui.go
webhook.go [BRANDING] define the forgejo webhook type 2023-08-21 07:22:16 +02:00