Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: Set `samesite=lax` on cookies set by client-side (#26559) 

Chrome's default is already Lax, so this change is a no-op there.

Firefox will soon be follow them, and has started warning about cookies with no samesite attribute. That's the motivation for this commit.
This commit is contained in:
David Taylor 2024-04-09 09:22:20 +01:00 committed by GitHub
parent d7f7915558
commit 2a5d4ede6d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/assets/javascripts/discourse/app/lib/cookie.js
View File

@ -36,6 +36,7 @@ function cookie(key, value, options) {
options.path ? "; path=" + options.path : "",
options.domain ? "; domain=" + options.domain : "",
options.secure ? "; secure" : "",
";samesite=Lax",
].join(""));
}