From fc5db0e95a299c2d854a8ebe0206e48bab0d351a Mon Sep 17 00:00:00 2001
From: mikestefanello <552328+mikestefanello@users.noreply.github.com>
Date: Mon, 2 Jun 2025 08:42:14 -0400
Subject: [PATCH] Fix Safari cookies and CSRF.

---
 pkg/handlers/router.go | 2 --
 1 file changed, 2 deletions(-)

diff --git a/pkg/handlers/router.go b/pkg/handlers/router.go
index 57d31de..21ecdbd 100644
--- a/pkg/handlers/router.go
+++ b/pkg/handlers/router.go
@@ -30,7 +30,6 @@ func BuildRouter(c *services.Container) error {
 	// Create a cookie store for session data.
 	cookieStore := sessions.NewCookieStore([]byte(c.Config.App.EncryptionKey))
 	cookieStore.Options.HttpOnly = true
-	cookieStore.Options.Secure = true
 	cookieStore.Options.SameSite = http.SameSiteStrictMode
 
 	g.Use(
@@ -52,7 +51,6 @@ func BuildRouter(c *services.Container) error {
 		echomw.CSRFWithConfig(echomw.CSRFConfig{
 			TokenLookup:    "form:csrf",
 			CookieHTTPOnly: true,
-			CookieSecure:   true,
 			CookieSameSite: http.SameSiteStrictMode,
 			ContextKey:     context.CSRFKey,
 		}),