You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@unomi.apache.org by jk...@apache.org on 2023/03/24 09:38:51 UTC
[unomi-tracker] branch main updated: UNOMI-756: set cookies as secure when https protocol is used (#15)
This is an automated email from the ASF dual-hosted git repository.
jkevan pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/unomi-tracker.git
The following commit(s) were added to refs/heads/main by this push:
new fa5f84c UNOMI-756: set cookies as secure when https protocol is used (#15)
fa5f84c is described below
commit fa5f84c4697767c8d1f3733d88782ec750d82b04
Author: kevan Jahanshahi <jk...@apache.org>
AuthorDate: Fri Mar 24 10:38:45 2023 +0100
UNOMI-756: set cookies as secure when https protocol is used (#15)
* UNOMI-756: set cookies as secure when https protocol is used
* UNOMI-756: set cookies as secure when https protocol is used
---
src/apache-unomi-tracker.js | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/apache-unomi-tracker.js b/src/apache-unomi-tracker.js
index 3a262c9..3207722 100644
--- a/src/apache-unomi-tracker.js
+++ b/src/apache-unomi-tracker.js
@@ -572,13 +572,15 @@ export const newTracker = () => {
* @return {undefined}
*/
setCookie: function (cookieName, cookieValue, expireDays) {
- var expires = '';
+ let expires = '';
if (expireDays) {
var d = new Date();
d.setTime(d.getTime() + (expireDays * 24 * 60 * 60 * 1000));
expires = '; expires=' + d.toUTCString();
}
- document.cookie = cookieName + '=' + cookieValue + expires + '; path=/; SameSite=Strict';
+
+ let secure = location.protocol === 'https:' ? '; secure' : '';
+ document.cookie = cookieName + '=' + cookieValue + expires + '; path=/; SameSite=Strict' + secure;
},
/**
@@ -1367,8 +1369,8 @@ export const newTracker = () => {
// remove cookies, reset cxs
if (!enable) {
wem.cxs = {};
- document.cookie = wem.trackerProfileIdCookieName + '=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
- document.cookie = wem.contextServerCookieName + '=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+ wem.removeCookie(wem.contextServerCookieName);
+ wem.removeCookie(wem.trackerProfileIdCookieName);
delete wem.contextLoaded;
} else {
if (wem.DOMLoaded) {