You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2020/08/28 00:29:17 UTC
svn commit: r1881263 - in /httpd/httpd/trunk: docs/manual/rewrite/flags.xml
modules/mappers/mod_rewrite.c
Author: covener
Date: Fri Aug 28 00:29:17 2020
New Revision: 1881263
URL: http://svn.apache.org/viewvc?rev=1881263&view=rev
Log:
samesite: fix check for 0, add "false" alternative.
Modified:
httpd/httpd/trunk/docs/manual/rewrite/flags.xml
httpd/httpd/trunk/modules/mappers/mod_rewrite.c
Modified: httpd/httpd/trunk/docs/manual/rewrite/flags.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/rewrite/flags.xml?rev=1881263&r1=1881262&r2=1881263&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/rewrite/flags.xml (original)
+++ httpd/httpd/trunk/docs/manual/rewrite/flags.xml Fri Aug 28 00:29:17 2020
@@ -192,7 +192,7 @@ which means that the cookie is inaccessi
browsers that support this feature.</dd>
<dt>samesite</dt>
-<dd>If set to anything other than <code>0</code>, the <code>SameSite</code>
+<dd>If set to anything other than <code>false</code> or <code>0</code>, the <code>SameSite</code>
attribute is set to the specified value. Typical values are <code>None</code>,
<code>Lax</code>, and <code>Strict</code>.Available in 2.5.1 and later.</dd>
</dl>
Modified: httpd/httpd/trunk/modules/mappers/mod_rewrite.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/mappers/mod_rewrite.c?rev=1881263&r1=1881262&r2=1881263&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/mappers/mod_rewrite.c (original)
+++ httpd/httpd/trunk/modules/mappers/mod_rewrite.c Fri Aug 28 00:29:17 2020
@@ -2647,7 +2647,7 @@ static void add_cookie(request_rec *r, c
"; HttpOnly" : NULL,
NULL);
- if (samesite && !strcasecmp(samesite, "0")) {
+ if (samesite && strcmp(samesite, "0") && ap_cstr_casecmp(samesite,"false")) {
cookie = apr_pstrcat(rmain->pool, cookie, "; SameSite=",
samesite, NULL);
}