feat: add secure_cookies configuration option\n\n- Added SecureCookies bool field to config.Settings\n- Added --secure-cookies command line flag\n- Updated CSRFMiddleware to use config setting instead of hardcoded value\n- Default is false for local development, set to true for production HTTPS\n- Updated config.example and README.md with documentation\n- Updated tests to pass config to CSRFMiddleware\n\nThis allows users to easily switch between insecure cookies (for local dev)\nand secure cookies (for production HTTPS) via config file or command line.

author: Adam Mathes <adam@adammathes.com> 2026-02-14 11:02:38 -0800
committer: Adam Mathes <adam@adammathes.com> 2026-02-14 11:02:38 -0800
commit: b47721a02d3fdfb1b6a565df29c85e7c51d8c490 (patch)
tree: f9540e4f7e3a152fd3c9f86f484e97e42f13422f /config.example
parent: 5e24550cacd0f80ea4ec62dab873e747b2ae86b7 (diff)
download: neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.tar.gz
neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.tar.bz2
neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/config.example b/config.example
index 8aa0ed3..b302cf0 100644
--- a/config.example
+++ b/config.example
@@ -3,3 +3,4 @@ http: 9001
 imageproxy: true
 minutes: 90
 password: VeryLongRandomStringBecauseSecurityIsFun
+# secure_cookies: true  # Set to true when using HTTPS in production
author	Adam Mathes <adam@adammathes.com>	2026-02-14 11:02:38 -0800
committer	Adam Mathes <adam@adammathes.com>	2026-02-14 11:02:38 -0800
commit	b47721a02d3fdfb1b6a565df29c85e7c51d8c490 (patch)
tree	f9540e4f7e3a152fd3c9f86f484e97e42f13422f /config.example
parent	5e24550cacd0f80ea4ec62dab873e747b2ae86b7 (diff)
download	neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.tar.gz neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.tar.bz2 neko-b47721a02d3fdfb1b6a565df29c85e7c51d8c490.zip