projects
/
squeep-authentication-module
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
set SameSite to Lax on session cookies
[squeep-authentication-module]
/
lib
/
authenticator.js
diff --git
a/lib/authenticator.js
b/lib/authenticator.js
index c388ee883c60bb0fa79380696b87b9894528d209..0c0c349b7288af20f0fc7df421c91aeddd61a3dc 100644
(file)
--- a/
lib/authenticator.js
+++ b/
lib/authenticator.js
@@
-266,8
+266,9
@@
class Authenticator {
const cookieParts = [
sessionCookie,
'HttpOnly',
const cookieParts = [
sessionCookie,
'HttpOnly',
- `Path=${this.options.dingus.proxyPrefix}/`,
`Max-Age=${this.cookieLifespan}`,
`Max-Age=${this.cookieLifespan}`,
+ 'SameSite=Lax',
+ `Path=${this.options.dingus.proxyPrefix}/`,
];
if (this.options.authenticator.secureAuthOnly) {
cookieParts.push('Secure');
];
if (this.options.authenticator.secureAuthOnly) {
cookieParts.push('Secure');
@@
-282,6
+283,7
@@
class Authenticator {
`${Enum.SessionCookie}=""`,
'HttpOnly',
'Max-Age=0',
`${Enum.SessionCookie}=""`,
'HttpOnly',
'Max-Age=0',
+ 'SameSite=Lax',
`Path=${this.options.dingus.proxyPrefix}/`,
];
if (this.options.authenticator.secureAuthOnly) {
`Path=${this.options.dingus.proxyPrefix}/`,
];
if (this.options.authenticator.secureAuthOnly) {
@@
-385,4
+387,4
@@
class Authenticator {
}
}
-module.exports = Authenticator;
\ No newline at end of file
+module.exports = Authenticator;