[PATCH] middleware: use secure cookies over secure connections

Andrew Shadura andrew at shadura.me
Thu Mar 5 02:01:30 EST 2015


Hello,

On Thu, 05 Mar 2015 06:58:30 +0100
Thomas De Schampheleire
<patrickdepinguin at gmail.com> wrote:

> Then with this wrapper, can't we also change the cookie name to
> append the port, as an alternative to my recent patch fixing it in
> the config file?

In theory, yes, but I'm not sure we should :) I'm not sure however, the
port is the only thing to distinguish between different services. If it
were me, I'd have different services running on the same port, but I'd
had them available at different domains. Given that, I think your
original patch might be better.

-- 
Cheers,
  Andrew



More information about the kallithea-general mailing list