9 Commits

Author	SHA1	Message	Date
Nuno Miguel Micaelo Borges	a1ff878fdc	Add flags to define CSRF cookie expiration time and to allow CSRF cookies per request (#1708) ... * Add start of state to CSRF cookie name * Update CHANGELOG.md * Update CHANGELOG.md * Support optional flags * Update CHANGELOG.md * Update CHANGELOG.md * Update CHANGELOG.md * Update overview.md Add new CSRF flags * Update overview.md Describe new CSRF flags Co-authored-by: Nuno Borges <Nuno.Borges@ctw.bmwgroup.com>	2022-08-31 23:27:56 +01:00
Joel Speed	211fd3a010	Rename CookieOptions to Cookie	2020-07-05 09:18:21 +01:00
Joel Speed	b3ba2594c6	Create Cookie FlagSet and Defaults	2020-07-05 09:17:28 +01:00
Joel Speed	810a9e9967	Rename cookie-domain config to cookie-domains (#559) ... Co-authored-by: Henry Jenkins <henry@henryjenkins.name>	2020-05-24 20:19:56 +01:00
Joel Speed	c3f9cbeb3d	Remove Env tags from Cookie and Session Options	2020-05-21 22:43:42 +01:00
Joel Speed	458710149c	Rename Cookie Options to remove extra 'Cookie'	2020-04-29 19:51:24 +01:00
Eric Dahlseng	a659b9558e	Allow multiple cookie domains to be specified (#412) ... * Allow multiple cookie domains to be specified * Use X-Forwarded-Host, if it exists, when selecting cookie domain * Perform cookie domain sorting in config validation phase * Extract get domain cookies to a single function * Update pkg/cookies/cookies.go Co-Authored-By: Joel Speed <Joel.speed@hotmail.co.uk> * Update changelog Co-authored-by: Marcos Lilljedahl <marcosnils@gmail.com> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>	2020-04-12 12:00:44 +01:00
Paul Groudas	5d0827a028	Add configuration for cookie 'SameSite' value. ... Values of 'lax' and 'strict' can improve and mitigate some categories of cross-site traffic tampering. Given that the nature of this proxy is often to proxy private tools, this is useful to take advantage of. See: https://www.owasp.org/index.php/SameSite	2020-01-06 12:21:52 -05:00
Joel Speed	fd6655411b	Move cookie configuration to separate package	2019-05-18 13:09:59 +02:00