edgedb-js In the auth helper libraries, we are not setting `Secure` on the session cookie when possible

In the auth helper libraries, we are not setting `Secure` on the session cookie when possible

Open scotttrinh opened this issue 2 months ago • 0 comments

We should conditionally set the Secure cookie attribute in all of the auth helper libraries for the session token to ensure they are not accessible in non-TLS HTTP sessions.

Apr 08 '24 15:04 scotttrinh

edgedb-js edgedb-js copied to clipboard

In the auth helper libraries, we are not setting `Secure` on the session cookie when possible

edgedb-js
edgedb-js copied to clipboard