summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--include/local-def.h2
-rw-r--r--src/rest-api.c2
-rw-r--r--src/session.c4
3 files changed, 5 insertions, 3 deletions
diff --git a/include/local-def.h b/include/local-def.h
index 01f10626..0bf0294d 100644
--- a/include/local-def.h
+++ b/include/local-def.h
@@ -54,7 +54,7 @@
#define MAGIC_DB "/usr/share/misc/magic.mgc"
#define OPA_INDEX "index.html"
#define MAX_ALIAS 10 // max number of aliases
-#define COOKIE_NAME "AJB_session"
+#define COOKIE_NAME "afb-session"
#define DEFLT_CNTX_TIMEOUT 3600 // default Client Connection Timeout
diff --git a/src/rest-api.c b/src/rest-api.c
index c85fbea1..b83e8932 100644
--- a/src/rest-api.c
+++ b/src/rest-api.c
@@ -514,7 +514,7 @@ ProcessApiCall:
// client did not pass token on URI let's use cookies
if ((!request->restfull) && (request->context != NULL)) {
char cookie[256];
- snprintf (cookie, sizeof (cookie), "%s=%s;path=%s;max-age=%d", COOKIE_NAME, request->uuid, request->config->rootapi,request->config->cntxTimeout);
+ snprintf (cookie, sizeof (cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi,request->config->cntxTimeout);
MHD_add_response_header (webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie);
}
diff --git a/src/session.c b/src/session.c
index 9e25c27f..481e04c7 100644
--- a/src/session.c
+++ b/src/session.c
@@ -449,8 +449,10 @@ PUBLIC AFB_clientCtx *ctxClientGet (AFB_request *request, int idx) {
// if UUID in query we're restfull with no cookies otherwise check for cookie
if (uuid != NULL) request->restfull = TRUE;
else {
+ char cookie[64];
request->restfull = FALSE;
- uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, COOKIE_NAME);
+ snprintf(cookie, sizeof cookie, "%s-%d", COOKIE_NAME, request->config->httpdPort);
+ uuid = MHD_lookup_connection_value (request->connection, MHD_COOKIE_KIND, cookie);
};
// Warning when no cookie defined MHD_lookup_connection_value may return something !!!