Fix Safari cookies and CSRF.

2025-06-02 08:42:14 -04:00 · 2025-06-02 08:42:14 -04:00 · fc5db0e95a
commit fc5db0e95a
parent 9e15bceace
1 changed files with 0 additions and 2 deletions
--- a/pkg/handlers/router.go
+++ b/pkg/handlers/router.go
@ -30,7 +30,6 @@ func BuildRouter(c *services.Container) error {
 	// Create a cookie store for session data.
 	cookieStore := sessions.NewCookieStore([]byte(c.Config.App.EncryptionKey))
 	cookieStore.Options.HttpOnly = true
-	cookieStore.Options.Secure = true
 	cookieStore.Options.SameSite = http.SameSiteStrictMode

 	g.Use(
@ -52,7 +51,6 @@ func BuildRouter(c *services.Container) error {
 		echomw.CSRFWithConfig(echomw.CSRFConfig{
 			TokenLookup:    "form:csrf",
 			CookieHTTPOnly: true,
-			CookieSecure:   true,
 			CookieSameSite: http.SameSiteStrictMode,
 			ContextKey:     context.CSRFKey,
 		}),