diff options
-rw-r--r-- | config.go | 3 | ||||
-rw-r--r-- | fbfp.scfg.example | 4 | ||||
-rw-r--r-- | oidc.go | 1 |
3 files changed, 8 insertions, 0 deletions
@@ -37,6 +37,7 @@ import ( var config_with_pointers struct { Url *string `scfg:"url"` + Prod *bool `scfg:"prod"` Tmpl *string `scfg:"tmpl"` Static *bool `scfg:"static"` Listen struct { @@ -57,6 +58,7 @@ var config_with_pointers struct { var config struct { Url string + Prod bool Tmpl string Static bool Listen struct { @@ -87,6 +89,7 @@ func fbfp_get_config(path string) { * There should be better ways to handle this. */ config.Url = *(config_with_pointers.Url) + config.Prod = *(config_with_pointers.Prod) config.Tmpl = *(config_with_pointers.Tmpl) config.Static = *(config_with_pointers.Static) config.Listen.Addr = *(config_with_pointers.Listen.Addr) diff --git a/fbfp.scfg.example b/fbfp.scfg.example index 2868c8e..0e72f37 100644 --- a/fbfp.scfg.example +++ b/fbfp.scfg.example @@ -2,6 +2,10 @@ # and some user-accessible URLs. url http://localhost +# Should we run in production mode? This causes the Secure flag to be set on +# cookies and may come with other production-related changes in the future. +prod true + # Where is the tmpl directory? Usually this should be a directory inside # the fbfp source directory, though it might exist in /usr/local/share or # /usr/share if this ever gets packaged or something. @@ -245,6 +245,7 @@ func handle_oidc(w http.ResponseWriter, req *http.Request) { Value: cookie_value, SameSite: http.SameSiteLaxMode, HttpOnly: true, + Secure: config.Prod, } http.SetCookie(w, &cookie) |