<p>apps_controller.lua uses the same sysauth Set-Cookie code as luci's dispatcher.lua. Per commotion-openwrt issues 32 & 33, sysauth cookie should use httponly and secure flags.</p>

<hr>

<h4>You can merge this Pull Request by running</h4>
<pre>  git pull https://github.com/opentechinstitute/luci-commotion-linux sysauth-cookie</pre>
<p>Or view, comment on, or merge it at:</p>
<p>  <a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1</a></p>

<h4>Commit Summary</h4>
<ul>
  <li>Added secure and httponly flags to sysauth cookie in apps_controller.lua</li>
</ul>

<h4>File Changes</h4>
<ul>
  <li>
    <strong>M</strong>
    <a href="https://github.com/opentechinstitute/luci-commotion-linux/pull/1/files#diff-0">modules/commotion/luasrc/controller/commotion/apps_controller.lua</a>
    (4)
  </li>
</ul>

<h4>Patch Links:</h4>
<ul>
  <li><a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1.patch'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1.patch</a></li>
  <li><a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1.diff'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1.diff</a></li>
</ul>