devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: same site cookie

Browse Source
This commit is contained in:
Lakhan Samani
2022-09-28 18:30:30 +05:30
parent d8ea0c656f
commit aa6601e62c
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
server/cookie/cookie.go
View File

@@ -36,8 +36,9 @@ func SetSession(gc *gin.Context, sessionID string) {
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
// https://github.com/gin-gonic/gin/blob/master/context.go#L86
// TODO add ability to sameSite = none / strict from dashboard
gc.SetSameSite(http.SameSiteLaxMode)
if !appCookieSecure {
gc.SetSameSite(http.SameSiteLaxMode)
}
// TODO allow configuring from dashboard
year := 60 * 60 * 24 * 365