fixed insecure cookie issue causing login persist issues

saiwal · saiwal · commit dd4ca46f40e1 · 2024-11-24T18:23:07.000+05:30
diff --git a/Dockerfile b/Dockerfile
@@ -27,6 +27,9 @@ COPY custom-php.ini /usr/local/etc/php/conf.d/uploads.ini
 # Enable Apache mod_rewrite
 RUN a2enmod rewrite
 
+# Enable Apache mod_headers
+RUN a2enmod headers
+
 # Set working directory
 WORKDIR /var/www/html
 
diff --git a/README.md b/README.md
@@ -101,10 +101,6 @@ Using Docker for Hubzilla provides several advantages:
 - SMTP environment variables are necessary for admin registration. Make sure they are specified in the `.env` files correctly. Use app passwords if necessary for services with TFA(gmail, etc.).
 - Upload size limit is controlled by custom-php.ini, currently set to 20MB. Change if needed to appropriate value.
 
-## Known issues
-
-- If login doesn't persist, add the following to your proxy config `proxy_cookie_path / "/; Secure; HttpOnly; SameSite=None";`
-
 ## TODO
 
 - [ ] Optimize image size.
diff --git a/apache-config.conf b/apache-config.conf
@@ -6,6 +6,11 @@
         Require all granted
     </Directory>
 
+    # Add SameSite=None, Secure, and HttpOnly to all Set-Cookie headers
+    <IfModule mod_headers.c>
+        Header edit Set-Cookie ^(.*)$ $1;Secure;HttpOnly;SameSite=None
+    </IfModule>
+
     ErrorLog ${APACHE_LOG_DIR}/error.log
     CustomLog ${APACHE_LOG_DIR}/access.log combined
 </VirtualHost>
