From b72d7c201ab34bd4de9582be891c3d4b76c3fd70 Mon Sep 17 00:00:00 2001
From: Unknwon <joe2010xtmf@163.com>
Date: Sun, 21 Sep 2014 12:22:50 -0400
Subject: [PATCH] Mirror bug fix

---
 cmd/web.go                 | 7 ++++---
 modules/setting/setting.go | 1 +
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/cmd/web.go b/cmd/web.go
index 45f35a35af..83dfca4e67 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -97,9 +97,10 @@ func newMacaron() *macaron.Macaron {
 		Config:   *setting.SessionConfig,
 	}))
 	m.Use(csrf.Generate(csrf.Options{
-		Secret:    setting.SecretKey,
-		SetCookie: true,
-		Header:    "X-Csrf-Token",
+		Secret:     setting.SecretKey,
+		SetCookie:  true,
+		Header:     "X-Csrf-Token",
+		CookiePath: setting.AppSubUrl,
 	}))
 	m.Use(toolbox.Toolboxer(m, toolbox.Options{
 		HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 321282df25..a1ab43d022 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -380,6 +380,7 @@ func newSessionService() {
 	SessionConfig = new(session.Config)
 	SessionConfig.ProviderConfig = strings.Trim(Cfg.MustValue("session", "PROVIDER_CONFIG"), "\" ")
 	SessionConfig.CookieName = Cfg.MustValue("session", "COOKIE_NAME", "i_like_gogits")
+	SessionConfig.CookiePath = AppSubUrl
 	SessionConfig.Secure = Cfg.MustBool("session", "COOKIE_SECURE")
 	SessionConfig.EnableSetCookie = Cfg.MustBool("session", "ENABLE_SET_COOKIE", true)
 	SessionConfig.Gclifetime = Cfg.MustInt64("session", "GC_INTERVAL_TIME", 86400)