Previously cookie path was set to Path="/api", this was a performance improvement to tell the browser to send the cookie only to request with that prefix, however also consume endpoints on Path="/ws", since rfc6265 doesnt support multiple paths or regular expressions in the path field of a cookie we are back to use Path="/" which means send the cookie to all request under the current domain. Co-authored-by: Daniel Valdivia <hola@danielvaldivia.com>
This commit is contained in:
Lenin Alevski
GitHub
@@ -109,7 +109,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
|
||||
expiration := time.Now().Add(SessionDuration)
|
||||
|
||||
return http.Cookie{
|
||||
Path: "/api", // browser will send cookie only for HTTP request under api path
|
||||
Path: "/",
|
||||
Name: "token",
|
||||
Value: token,
|
||||
MaxAge: int(SessionDuration.Seconds()), // 45 minutes
|
||||
@@ -125,7 +125,7 @@ func NewSessionCookieForConsole(token string) http.Cookie {
|
||||
|
||||
func ExpireSessionCookie() http.Cookie {
|
||||
return http.Cookie{
|
||||
Path: "/api", // browser will send cookie only for HTTP request under api path
|
||||
Path: "/",
|
||||
Name: "token",
|
||||
Value: "",
|
||||
MaxAge: -1,
|
||||
|
||||
Reference in New Issue
Block a user