X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fendpoint.ex;h=6673ab5768b5551d535f9d32d97a224f99bba9c4;hb=b4bd5e40e491c8b777c75ec4f096c0c466a6b4e2;hp=1e5ac2721725e23e3fb9874f2e091a8f95a4abf0;hpb=e838969495d2ca95406920ceef98d08f01d71192;p=akkoma

diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex
index 1e5ac2721..6673ab576 100644
--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -49,9 +49,14 @@ defmodule Pleroma.Web.Endpoint do
     Plug.Session,
     store: :cookie,
     key: "_pleroma_key",
-    signing_salt: "CqaoopA2"
+    signing_salt: "CqaoopA2",
+    http_only: true,
+    secure:
+      Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
+    extra: "SameSite=Strict"
   )
 
+  plug(CORSPlug)
   plug(Pleroma.Web.Router)
 
   @doc """