From 56879377d53c0b5e8c543dae345cadb49004b9dd Mon Sep 17 00:00:00 2001
From: luisramos0
Date: Fri, 17 Aug 2018 21:19:49 +0100
Subject: [PATCH] Added httponly to cookieConsent cookie, this makes this cookie secure, cannot be altered by javascript
---
 app/services/cookies_consent.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/services/cookies_consent.rb b/app/services/cookies_consent.rb
index 8b35fa7402..64c4dfa083 100644
--- a/app/services/cookies_consent.rb
+++ b/app/services/cookies_consent.rb
@@ -18,7 +18,8 @@ class CookiesConsent
 cookies[COOKIE_NAME] = {
 value: COOKIE_NAME,
 expires: 1.year.from_now,
- domain: domain
+ domain: domain,
+ httponly: true
 }
 end
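Review bot: `httponly: true` in the hash assigned to `cookies[COOKIE_NAME]` only hides the cookie from `document.cookie`; it does not set the `Secure` attribute, so this one-year, domain-scoped cookie can still travel over plain HTTP, and the subject line's "makes this cookie secure" overstates the effect. If the site is served over HTTPS only, add `secure: true` beside it (or confirm that `config.force_ssl` already flags cookies), and consider a comment such as `# HttpOnly: hidden from page scripts; the value is a fixed marker, not an integrity-protected token`. It is also worth confirming that no client-side code reads this cookie to decide whether to show the consent banner, since that read would now return nothing. The enclosing method begins above the hunk, so its name and where `domain` comes from are not visible here.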