devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: set same site cookie to none for cross site

Browse Source
This commit is contained in:
Lakhan Samani
2022-09-28 18:42:42 +05:30
parent aa6601e62c
commit cfbce17ab8
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/cookie/cookie.go
View File

@@ -38,6 +38,8 @@ func SetSession(gc *gin.Context, sessionID string) {
// TODO add ability to sameSite = none / strict from dashboard
if !appCookieSecure {
gc.SetSameSite(http.SameSiteLaxMode)
} else {
gc.SetSameSite(http.SameSiteNoneMode)
}
// TODO allow configuring from dashboard
year := 60 * 60 * 24 * 365