From 56f98a9c1454359dfe2bda109adca06b19c7f7a6 Mon Sep 17 00:00:00 2001
From: Lucas Schumacher <technolucas@protonmail.com>
Date: Tue, 13 Aug 2024 11:39:19 -0400
Subject: [PATCH] Set cookie to http only

---
 controllers/users.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/controllers/users.go b/controllers/users.go
index b674edb..882bcd6 100644
--- a/controllers/users.go
+++ b/controllers/users.go
@@ -60,9 +60,10 @@ func (u Users) PostSignin(w http.ResponseWriter, r *http.Request) {
 
 	// Bad cookie
 	cookie := http.Cookie{
-		Name:  "bad",
-		Value: user.Email,
-		Path:  "/",
+		Name:     "bad",
+		Value:    user.Email,
+		Path:     "/",
+		HttpOnly: true,
 	}
 	http.SetCookie(w, &cookie)