rdelaage
/
miniflux-v2
mirror of https://github.com/miniflux/v2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Set SameSite cookie attribute to Strict

This commit is contained in:
Frédéric Guillot 2020-08-05 21:19:02 -07:00
parent 514f518d2a
commit 5ac55518ab
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
http/cookie/cookie.go
View File

@ -27,7 +27,7 @@ func New(name, value string, isHTTPS bool, path string) *http.Cookie {
Secure: isHTTPS,
HttpOnly: true,
Expires: time.Now().Add(cookieDuration * 24 * time.Hour),
SameSite: http.SameSiteLaxMode,
SameSite: http.SameSiteStrictMode,
}
}
@ -41,7 +41,7 @@ func Expired(name string, isHTTPS bool, path string) *http.Cookie {
HttpOnly: true,
MaxAge: -1,
Expires: time.Date(1970, 1, 1, 0, 0, 0, 0, time.UTC),
SameSite: http.SameSiteLaxMode,
SameSite: http.SameSiteStrictMode,
}
}