From 99a604a4a704c13ae0d621868e81f8baff2100ee Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Mon, 24 Mar 2025 08:54:52 +0800
Subject: main.go: Set HttpOnly on cookie

---
 main.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/main.go b/main.go
index e900933..73808d8 100644
--- a/main.go
+++ b/main.go
@@ -90,9 +90,10 @@ func main() {
 		}
 
 		http.SetCookie(writer, &http.Cookie{
-			Name:   "powxy",
-			Value:  base64.StdEncoding.EncodeToString(expectedMAC),
-			Secure: true,
+			Name:     "powxy",
+			Value:    base64.StdEncoding.EncodeToString(expectedMAC),
+			Secure:   true,
+			HttpOnly: true,
 		})
 
 		log.Println("ACCEPTED", getRemoteIP(request), request.RequestURI, request.Header.Get("User-Agent"))
-- 
cgit v1.2.3