diff --git a/main.go b/main.go index 17d4adb52..3f910965e 100644 --- a/main.go +++ b/main.go @@ -37,7 +37,7 @@ func main() { flagSet.String("cookie-secret", "", "the seed string for secure cookies") flagSet.String("cookie-domain", "", "an optional cookie domain to force cookies to (ie: .yourcompany.com)*") flagSet.Duration("cookie-expire", time.Duration(168)*time.Hour, "expire timeframe for cookie") - flagSet.Bool("cookie-https-only", false, "set HTTPS only cookie") + flagSet.Bool("cookie-https-only", true, "set HTTPS only cookie") flagSet.Parse(os.Args[1:]) diff --git a/oauthproxy.go b/oauthproxy.go index 15f7b363f..aa4f63404 100644 --- a/oauthproxy.go +++ b/oauthproxy.go @@ -55,6 +55,11 @@ func NewOauthProxy(opts *Options, validator func(string) bool) *OauthProxy { redirectUrl.Path = oauthCallbackPath log.Printf("OauthProxy configured for %s", opts.ClientID) + domain := opts.CookieDomain + if domain == "" { + domain = "" + } + log.Printf("Cookie settings: https_only: %v expiry: %s domain:%s", opts.CookieHttpsOnly, opts.CookieExpire, domain) return &OauthProxy{ CookieKey: "_oauthproxy", CookieSeed: opts.CookieSecret, diff --git a/options.go b/options.go index 2d829695d..010f366b5 100644 --- a/options.go +++ b/options.go @@ -29,7 +29,12 @@ type Options struct { } func NewOptions() *Options { - return &Options{} + return &Options{ + HttpAddress: "127.0.0.1:4180", + CookieHttpsOnly: true, + PassBasicAuth: true, + CookieExpire: time.Duration(168) * time.Hour, + } } func (o *Options) Validate() error {