switch(plugin->apis[idx].session) {
- case AFB_SESSION_CREATE:
+ case AFB_SESSION_CREATE:
if (clientCtx->token[0] != '\0' && request->config->token[0] != '\0') {
request->errcode=MHD_HTTP_UNAUTHORIZED;
json_object_object_add(jcall, "status", json_object_new_string ("exist"));
// client did not pass token on URI let's use cookies
if ((!request->restfull) && (request->context != NULL)) {
char cookie[256];
- snprintf (cookie, sizeof (cookie), "%s=%s;path=%s;max-age=%d", COOKIE_NAME, request->uuid, request->config->rootapi,request->config->cntxTimeout);
+ snprintf (cookie, sizeof (cookie), "%s-%d=%s; Path=%s; Max-Age=%d; HttpOnly", COOKIE_NAME, request->config->httpdPort, request->uuid, request->config->rootapi,request->config->cntxTimeout);
MHD_add_response_header (webResponse, MHD_HTTP_HEADER_SET_COOKIE, cookie);
}