You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wi...@apache.org on 2020/01/10 08:13:26 UTC
[couchdb-mochiweb] 29/32: add support for SameSite=none in cookies
This is an automated email from the ASF dual-hosted git repository.
willholley pushed a commit to branch upstream-2.20.0
in repository https://gitbox.apache.org/repos/asf/couchdb-mochiweb.git
commit fc8de2ba2b313bfbf85c1ec59ecde1ab155922d0
Author: Anthony Molinaro <an...@openx.com>
AuthorDate: Fri Jul 12 22:00:34 2019 +0000
add support for SameSite=none in cookies
---
src/mochiweb_cookies.erl | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/src/mochiweb_cookies.erl b/src/mochiweb_cookies.erl
index c7b0fcf..dd28610 100644
--- a/src/mochiweb_cookies.erl
+++ b/src/mochiweb_cookies.erl
@@ -65,7 +65,7 @@ cookie(Key, Value) ->
%% where Option = {max_age, int_seconds()} | {local_time, {date(), time()}}
%% | {domain, string()} | {path, string()}
%% | {secure, true | false} | {http_only, true | false}
-%% | {same_site, lax | strict}
+%% | {same_site, lax | strict | none}
%%
%% @doc Generate a Set-Cookie header field tuple.
cookie(Key, Value, Options) ->
@@ -130,7 +130,9 @@ cookie(Key, Value, Options) ->
lax ->
"; SameSite=Lax";
strict ->
- "; SameSite=Strict"
+ "; SameSite=Strict";
+ none ->
+ "; SameSite=None"
end,
CookieParts = [Cookie, ExpiresPart, SecurePart, DomainPart, PathPart,
HttpOnlyPart, SameSitePart],
@@ -378,6 +380,18 @@ cookie_test() ->
"Max-Age=86417"},
C3 = cookie("Customer", "WILE_E_COYOTE",
[{max_age, 86417}, {local_time, LocalTime}]),
+
+ % test various values for SameSite
+ %
+ % unset default to nothing
+ C4 = {"Set-Cookie","i=test123; Version=1"},
+ C4 = cookie("i", "test123", []),
+ C5 = {"Set-Cookie","i=test123; Version=1; SameSite=Strict"},
+ C5 = cookie("i", "test123", [ {same_site, strict}]),
+ C6 = {"Set-Cookie","i=test123; Version=1; SameSite=Lax"},
+ C6 = cookie("i", "test123", [ {same_site, lax}]),
+ C7 = {"Set-Cookie","i=test123; Version=1; SameSite=None"},
+ C7 = cookie("i", "test123", [ {same_site, none}]),
ok.
-endif.