<p>apps_controller.lua uses the same sysauth Set-Cookie code as luci's dispatcher.lua. Per commotion-openwrt issues 32 & 33, sysauth cookie should use httponly and secure flags.</p>
<hr>
<h4>You can merge this Pull Request by running</h4>
<pre> git pull https://github.com/opentechinstitute/luci-commotion-linux sysauth-cookie</pre>
<p>Or view, comment on, or merge it at:</p>
<p> <a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1</a></p>
<h4>Commit Summary</h4>
<ul>
<li>Added secure and httponly flags to sysauth cookie in apps_controller.lua</li>
</ul>
<h4>File Changes</h4>
<ul>
<li>
<strong>M</strong>
<a href="https://github.com/opentechinstitute/luci-commotion-linux/pull/1/files#diff-0">modules/commotion/luasrc/controller/commotion/apps_controller.lua</a>
(4)
</li>
</ul>
<h4>Patch Links:</h4>
<ul>
<li><a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1.patch'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1.patch</a></li>
<li><a href='https://github.com/opentechinstitute/luci-commotion-linux/pull/1.diff'>https://github.com/opentechinstitute/luci-commotion-linux/pull/1.diff</a></li>
</ul>