Set SameSite flag to 'Strict'

author shibayashi <shibayashi@cypherpunk.observer>

Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)

committer shibayashi <shibayashi@cypherpunk.observer>

Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)
author shibayashi <shibayashi@cypherpunk.observer>
Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)
committer shibayashi <shibayashi@cypherpunk.observer>
Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)
diff --git a/lib/pleroma/web/endpoint.ex b/lib/pleroma/web/endpoint.ex

index 7bbb9480deaa920a8654c488b2b250028911e2e7..17f6b9bb61bd30d4a1befa7cee807e006b267019 100644 (file)
--- a/lib/pleroma/web/endpoint.ex
+++ b/lib/pleroma/web/endpoint.ex
@@ -52,7 +52,7 @@ defmodule Pleroma.Web.Endpoint do
      signing_salt: "CqaoopA2",
      secure:
        Application.get_env(:pleroma, Pleroma.Web.Endpoint) |> Keyword.get(:secure_cookie_flag),
-    extra: "SameSite=Lax"
+    extra: "SameSite=Strict"
    )
  
    plug(Pleroma.Web.Router)
author	shibayashi <shibayashi@cypherpunk.observer>
	Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)
committer	shibayashi <shibayashi@cypherpunk.observer>
	Tue, 28 Aug 2018 12:03:29 +0000 (14:03 +0200)