Posted to commits@roller.apache.org by mb...@apache.org on 2021/09/13 02:12:19 UTC

[roller] 09/10: set cookie "secure" and "SameSite" flags by default.

This is an automated email from the ASF dual-hosted git repository.

mbien pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/roller.git

commit c86fffed7b6a1f24b4ead87cd7c141a4077ed4b2
Author: Michael Bien <mb...@gmail.com>
AuthorDate: Wed Aug 25 04:11:39 2021 +0200

    set cookie "secure" and "SameSite" flags by default.
---
 app/src/main/webapp/theme/scripts/roller.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/src/main/webapp/theme/scripts/roller.js b/app/src/main/webapp/theme/scripts/roller.js
index 1685b76..f703a62 100644
--- a/app/src/main/webapp/theme/scripts/roller.js
+++ b/app/src/main/webapp/theme/scripts/roller.js
@@ -16,11 +16,12 @@
 * directory of this distribution.
 */
 /* This function is used to set cookies */
-function setCookie(name,value,expires,path,domain,secure) {
+function setCookie(name, value, expires, path, domain, secure=true, sameSite=true) {
   document.cookie = name + "=" + escape (value) +
     ((expires) ? "; expires=" + expires.toGMTString() : "") +
     ((path) ? "; path=" + path : "") +
-    ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : "");
+    ((domain) ? "; domain=" + domain : "") + ((secure) ? "; secure" : "") +
+    ((sameSite) ? "; SameSite=Strict" : "");
 }
 
 /* This function is used to get cookies */
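Review bot: The new defaults in `setCookie(name, value, expires, path, domain, secure=true, sameSite=true)` apply only when the argument is `undefined`. A caller that passes `null`, `false` or `''` as a placeholder in the sixth position still gets a cookie without `; secure`; call sites are not visible in this hunk, so they need an audit. If the intent is "secure unless explicitly disabled", normalise inside the body with `if (secure == null) secure = true;` and the same for `sameSite`. Current browsers also reject a `Secure` cookie set from a plain-HTTP page, so on a deployment without TLS these cookies would silently stop being stored. The comment above the function should document both defaults, the HTTPS requirement, and that `sameSite` can only select `Strict`.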