Panagiotis Papadopoulos 5f605b3a91 fix(csrf): set more secure cookieOptions settings ...

- `sameSite` - previous setting inherited from csurf was to simply not set it at all, which makes all browser nag in their dev console output.
They will default to "Lax" for these type of cookies in the future.
We can even use "strict" here though for our use case:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value

- `httpOnly`: should be enabled for the csrf cookie as well
for the session cookie it already is enabled.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#httponly

2025-01-16 21:40:12 +01:00

..

becca

chore(types): missing import type for JS imports

2025-01-13 23:18:10 +02:00

errors

chore(code): fix more js & ts files

2024-12-22 15:45:54 +02:00

etapi

chore(types): missing import type for JS imports

2025-01-13 23:18:10 +02:00

public

Merge remote-tracking branch 'origin/master' into develop

2025-01-16 18:36:35 +02:00

routes

fix(csrf): set more secure cookieOptions settings

2025-01-16 21:40:12 +01:00

services

Merge pull request #880 from pano9000/refactor_data_dir

2025-01-14 20:20:32 +02:00

share

chore(types): missing import type for JS imports

2025-01-13 23:18:10 +02:00

tools

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00

views

fix(views): replace deprecated meta tag

2025-01-13 20:49:53 +01:00

anonymize.ts

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00

app.ts

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00

express.d.ts

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00

main.ts

chore(code): fix more js & ts files

2024-12-22 15:45:54 +02:00

types.d.ts

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00

www.ts

chore(prettier): fix all files

2025-01-09 18:07:02 +02:00