diff --git a/back_end/Helena_de_troia b/back_end/Helena_de_troia
index a3a161a..a7c0165 100755
Binary files a/back_end/Helena_de_troia and b/back_end/Helena_de_troia differ
diff --git a/back_end/func_db.go b/back_end/func_db.go
index a6ff3c4..2c17a19 100644
--- a/back_end/func_db.go
+++ b/back_end/func_db.go
@@ -37,13 +37,13 @@ func sessionCookie(id int, player string) (*http.Cookie, error) {
 	}
 
 	cookie := &http.Cookie{
-		Name:  cookieName,
-		Value: sessionID,
-		Path:  "/",
-		//HttpOnly: true,
-		//Secure:   true,
-		//SameSite: http.SameSiteNoneMode,
-		Expires: time.Now().Add(time.Duration(sessionTime) * time.Hour),
+		Name:     cookieName,
+		Value:    sessionID,
+		Path:     "/",
+		HttpOnly: true,
+		Secure:   true,
+		SameSite: http.SameSiteNoneMode,
+		Expires:  time.Now().Add(time.Duration(sessionTime) * time.Hour),
 	}
 	return cookie, nil
 }
diff --git a/back_end/main.go b/back_end/main.go
index c583bfb..1921ca5 100644
--- a/back_end/main.go
+++ b/back_end/main.go
@@ -44,8 +44,20 @@ func main() {
 	if !ok || siteUnlock == "" {
 		log.Fatal("Erro: siteUnlock ausente ou não é string")
 	}
+
+	e.Pre(func(next echo.HandlerFunc) echo.HandlerFunc {
+		return func(c echo.Context) error {
+			if proto := c.Request().Header.Get("X-Forwarded-Proto"); proto != "" {
+				c.Request().URL.Scheme = proto
+			}
+			return next(c)
+		}
+	})
+
 	e.Use(middleware.CORSWithConfig(middleware.CORSConfig{
 		AllowOrigins:     []string{siteUnlock},
+		AllowMethods:     []string{http.MethodGet, http.MethodPost, http.MethodPatch},
+		AllowHeaders:     []string{"Content-Type"},
 		AllowCredentials: true,
 	}))
 
diff --git a/back_end/rotas.go b/back_end/rotas.go
index dbea0d8..ea9e9a9 100644
--- a/back_end/rotas.go
+++ b/back_end/rotas.go
@@ -350,12 +350,19 @@ func player_updateInputs(c echo.Context) error {
 	lore := c.FormValue("lore")
 
 	if vida != "" {
+		a, _ := strconv.Atoi(vida)
+		if a < 1 {
+			return jsonError(c, http.StatusUnauthorized, "o seu merda, sua viada não pode ser 0 ou inferior.")
+		}
+
 		err := updateField("UPDATE players SET vida=?, vida_maxima=? WHERE id=?;", vida, vida, session["user_id"])
+
 		if err != nil {
 			return jsonError(c, http.StatusInternalServerError, "erro ao alterar sua vida.")
 		}
 		lista = append(lista, "vida")
 	}
+
 	if nome != "" {
 		err := updateField("UPDATE players SET nome=? WHERE id=?;", nome, session["user_id"])
 		if err != nil {
diff --git a/rpg/index.html b/rpg/index.html
index 46de0b6..90a774c 100644
--- a/rpg/index.html
+++ b/rpg/index.html
@@ -9,9 +9,9 @@
         <title>ficha</title>
         <link rel="stylesheet" href="css/base.css" />
         <link rel="stylesheet" href="css/style.css" />
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/libs/tata.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/libs/tata.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
     </head>
     <body>
         <div id="playerDATA">
@@ -392,7 +392,7 @@
                     <textarea
                         id="desc"
                         name="desc"
-                        placeholder="escrava como sua habilidade ou poder funciona"
+                        placeholder="descreva como sua habilidade ou poder funciona"
                     ></textarea>
                     <input
                         type="submit"
@@ -426,7 +426,7 @@
         </div>
         <label id="statusPlayer"></label>
         <!-- scripts -->
-        <script type="text/javascript" src="javascript/script.js"></script>
-        <script type="text/javascript" src="javascript/load_ficha.js"></script>
+        <script type="text/javascript" src="js/script.js"></script>
+        <script type="text/javascript" src="js/load_ficha.js"></script>
     </body>
 </html>
diff --git a/rpg/javascript/globais.js b/rpg/js/globais.js
similarity index 100%
rename from rpg/javascript/globais.js
rename to rpg/js/globais.js
diff --git a/rpg/javascript/libs/jquery.js b/rpg/js/libs/jquery.js
similarity index 100%
rename from rpg/javascript/libs/jquery.js
rename to rpg/js/libs/jquery.js
diff --git a/rpg/javascript/libs/tata.js b/rpg/js/libs/tata.js
similarity index 100%
rename from rpg/javascript/libs/tata.js
rename to rpg/js/libs/tata.js
diff --git a/rpg/javascript/loadPlayer.js b/rpg/js/loadPlayer.js
similarity index 100%
rename from rpg/javascript/loadPlayer.js
rename to rpg/js/loadPlayer.js
diff --git a/rpg/javascript/load_ficha.js b/rpg/js/load_ficha.js
similarity index 100%
rename from rpg/javascript/load_ficha.js
rename to rpg/js/load_ficha.js
diff --git a/rpg/javascript/login.js b/rpg/js/login.js
similarity index 100%
rename from rpg/javascript/login.js
rename to rpg/js/login.js
diff --git a/rpg/javascript/profile.js b/rpg/js/profile.js
similarity index 100%
rename from rpg/javascript/profile.js
rename to rpg/js/profile.js
diff --git a/rpg/javascript/register.js b/rpg/js/register.js
similarity index 100%
rename from rpg/javascript/register.js
rename to rpg/js/register.js
diff --git a/rpg/javascript/roll.js b/rpg/js/roll.js
similarity index 100%
rename from rpg/javascript/roll.js
rename to rpg/js/roll.js
diff --git a/rpg/javascript/script.js b/rpg/js/script.js
similarity index 100%
rename from rpg/javascript/script.js
rename to rpg/js/script.js
diff --git a/rpg/login.html b/rpg/login.html
index bc45782..492e27b 100644
--- a/rpg/login.html
+++ b/rpg/login.html
@@ -9,9 +9,9 @@
         <title>login</title>
         <link rel="stylesheet" href="css/base.css" />
         <link rel="stylesheet" href="css/login.css" />
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/libs/tata.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/libs/tata.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
     </head>
     <body>
         <div id="login_form">
@@ -37,6 +37,6 @@
                 <li><a href="registro.html">Criar conta</a></li>
             </ul>
         </div>
-        <script type="text/javascript" src="javascript/login.js"></script>
+        <script type="text/javascript" src="js/login.js"></script>
     </body>
 </html>
diff --git a/rpg/obs.html b/rpg/obs.html
index 17bd2c9..c0c555c 100644
--- a/rpg/obs.html
+++ b/rpg/obs.html
@@ -9,8 +9,8 @@
         <title>obs</title>
         <link rel="stylesheet" href="css/base.css" />
         <link rel="stylesheet" href="css/styleObs.css" />
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
     </head>
     <body>
         <div id="playerDATA">
@@ -40,6 +40,6 @@
                 <h3>status:</h3>
             </ul>
         </div>
-        <script type="text/javascript" src="javascript/loadPlayer.js"></script>
+        <script type="text/javascript" src="js/loadPlayer.js"></script>
     </body>
 </html>
diff --git a/rpg/profile.html b/rpg/profile.html
index 0693a2a..24b2b15 100644
--- a/rpg/profile.html
+++ b/rpg/profile.html
@@ -9,9 +9,9 @@
         <title>profile</title>
         <link rel="stylesheet" href="css/base.css" />
         <link rel="stylesheet" href="css/styleProfile.css" />
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/libs/tata.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/libs/tata.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
     </head>
     <body>
         <div id="playerDATA">
@@ -91,6 +91,6 @@
         <label id="statusPlayer"></label>
 
         <!-- scripts -->
-        <script type="text/javascript" src="javascript/profile.js"></script>
+        <script type="text/javascript" src="js/profile.js"></script>
     </body>
 </html>
diff --git a/rpg/registro.html b/rpg/registro.html
index 45ec294..89a77fd 100644
--- a/rpg/registro.html
+++ b/rpg/registro.html
@@ -9,9 +9,9 @@
         <title>registrar</title>
         <link rel="stylesheet" href="css/base.css" />
         <link rel="stylesheet" href="css/register.css" />
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/libs/tata.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/libs/tata.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
     </head>
     <body>
         <div id="register_form">
@@ -64,6 +64,6 @@
                 <li><a href="login.html">Fazer login</a></li>
             </ul>
         </div>
-        <script type="text/javascript" src="javascript/register.js"></script>
+        <script type="text/javascript" src="js/register.js"></script>
     </body>
 </html>
diff --git a/rpg/roll.html b/rpg/roll.html
index e0fcf76..df8fb97 100644
--- a/rpg/roll.html
+++ b/rpg/roll.html
@@ -7,11 +7,11 @@
             content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"
         />
         <title>obs</title>
-        <script type="text/javascript" src="javascript/libs/jquery.js"></script>
-        <script type="text/javascript" src="javascript/globais.js"></script>
-        <script type="text/javascript" src="javascript/libs/tata.js"></script>
+        <script type="text/javascript" src="js/libs/jquery.js"></script>
+        <script type="text/javascript" src="js/globais.js"></script>
+        <script type="text/javascript" src="js/libs/tata.js"></script>
     </head>
     <body>
-        <script type="text/javascript" src="javascript/roll.js"></script>
+        <script type="text/javascript" src="js/roll.js"></script>
     </body>
 </html>