Skip to content

Commit

Permalink
fix: set same site to lax
Browse files Browse the repository at this point in the history
  • Loading branch information
@im-adithya
im-adithya committed Jun 30, 2023
1 parent f109d30 commit 70e97ec
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 0 deletions.
2 changes: 2 additions & 0 deletions alby.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ func (svc *AlbyOAuthService) AuthHandler(c echo.Context) error {
if (sess.Values["user_id"] != nil) {
delete(sess.Values, "user_id")
sess.Options.MaxAge = 0
sess.Options.SameSite = http.SameSiteLaxMode
if svc.cfg.CookieDomain != "" {
sess.Options.Domain = svc.cfg.CookieDomain
}
Expand Down Expand Up @@ -203,6 +204,7 @@ func (svc *AlbyOAuthService) CallbackHandler(c echo.Context) error {

sess, _ := session.Get(CookieName, c)
sess.Options.MaxAge = 0
sess.Options.SameSite = http.SameSiteLaxMode
if svc.cfg.CookieDomain != "" {
sess.Options.Domain = svc.cfg.CookieDomain
}
Expand Down
2 changes: 2 additions & 0 deletions echo_handlers.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,7 @@ func (svc *Service) IndexHandler(c echo.Context) error {
if user != nil && returnTo != nil {
delete(sess.Values, "return_to")
sess.Options.MaxAge = 0
sess.Options.SameSite = http.SameSiteLaxMode
if svc.cfg.CookieDomain != "" {
sess.Options.Domain = svc.cfg.CookieDomain
}
Expand Down Expand Up @@ -232,6 +233,7 @@ func (svc *Service) AppsNewHandler(c echo.Context) error {
sess, _ := session.Get(CookieName, c)
sess.Values["return_to"] = c.Path() + "?" + c.QueryString()
sess.Options.MaxAge = 0
sess.Options.SameSite = http.SameSiteLaxMode
if svc.cfg.CookieDomain != "" {
sess.Options.Domain = svc.cfg.CookieDomain
}
Expand Down

0 comments on commit 70e97ec

Please sign in to comment.