From 89e046e09379c2186f4873b41b19e358eeaa0f28 Mon Sep 17 00:00:00 2001
From: Arthur Lu <root@tronnet.net>
Date: Sat, 13 May 2023 07:38:32 +0000
Subject: [PATCH] remove httponly form username cookie

---
 main.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.js b/main.js
index 360b124..af51613 100644
--- a/main.js
+++ b/main.js
@@ -49,7 +49,7 @@ app.post("/api/ticket", async (req, res) => {
 	let expire = new Date(Date.now() + (2*60*60*1000));
 	res.cookie("PVEAuthCookie", ticket, {domain: domain, path: "/", httpOnly: true, secure: true, expires: expire});
 	res.cookie("CSRFPreventionToken", csrftoken, {domain: domain, path: "/", httpOnly: true, secure: true, expires: expire});
-	res.cookie("username", username, {domain: domain, path: "/", httpOnly: true, secure: true, expires: expire});
+	res.cookie("username", username, {domain: domain, path: "/", secure: true, expires: expire});
 	res.cookie("auth", 1, {domain: domain, path: "/", secure: true, expires: expire});
 	res.status(200).send({auth: true});
 });