Skip to content

Commit

Permalink
Merge pull request #16 from stevejhiggs/caseInsensitiveLoginSamesite
Browse files Browse the repository at this point in the history 
Make the samesite value on the login cookie case insensitive
  • Loading branch information
@amckemie
amckemie authored Dec 17, 2020
2 parents 93505dd + d125ef8 commit f1be99f
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion src/api/operations/login.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,9 @@ async function login({
if (process.env.NODE_ENV !== 'production') {
cookie = cookie.replace('; Secure', '')
// SameSite=none can't be set unless the cookie is Secure
cookie = cookie.replace('; SameSite=none', '; SameSite=lax')
// bc seems to sometimes send back SameSite=None rather than none so make
// this case insensitive
cookie = cookie.replace(/; SameSite=none/gi, '; SameSite=lax')
}

response.setHeader(
Expand Down

0 comments on commit f1be99f

Please sign in to comment.