lib/omniauth/strategies/remote_user.rb in omniauth-remote-user-0.0.5 vs lib/omniauth/strategies/remote_user.rb in omniauth-remote-user-0.0.6
- old
+ new
@@ -46,10 +46,10 @@
def __login(env, uid)
request = Rack::Request.new(env)
response = redirect_if_not_logging_in(request,_auth_path(request) )
if response
- response.set_cookie(options.internal_cookie, {value: uid , path: "#{request.script_name}"})
+ response.set_cookie(options.internal_cookie, {value: uid, path: "#{request.script_name}", httponly: true})
response.finish
end
end
def redirect_if_not_logging_in(request, url)