mirre-mt/pcmt
1
0
Fork 0
Code Issues 6 Pull Requests Releases 4 Activity

handlers: set cookie with SameSiteStrictMode
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
leo 2023-04-19 03:34:23 +02:00
parent 33c9b8a30e
commit 6ba09987a9
Signed by: wanderer
SSH Key Fingerprint: SHA256:Dp8+iwKHSlrMEHzE3bJnPng70I7LEsa3IJXRH/U+idQ
1 changed files with 9 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
handlers/handlers.go
View File

@ -369,10 +369,9 @@ func SigninPost(client *ent.Client) echo.HandlerFunc {
secure := c.Request().URL.Scheme == "https"
cookieSession := &http.Cookie{
Name: "session",
Value: username,
// SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode,
Name: "session",
Value: username,
SameSite: http.SameSiteStrictMode,
MaxAge: 3600,
Secure: secure,
HttpOnly: true,
@ -481,10 +480,9 @@ func SignupPost(client *ent.Client) echo.HandlerFunc {
// csrf := c.Get("csrf").(string)
cookieSession := &http.Cookie{
Name: "session",
Value: username,
// SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode,
Name: "session",
Value: username,
SameSite: http.SameSiteStrictMode,
MaxAge: 3600,
Secure: secure,
HttpOnly: true,
@ -592,10 +590,9 @@ func Logout() echo.HandlerFunc {
secure := c.Request().URL.Scheme == "https"
cookieSession := &http.Cookie{
Name: "session",
Value: "",
// SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode,
Name: "session",
Value: "",
SameSite: http.SameSiteStrictMode,
MaxAge: -1,
Secure: secure,
HttpOnly: true,