helix
/
invidious
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add sameSite policy in cookie management in server side

Browse Source
pull/2895/head
Féry Mathieu (Mathius) 3 years ago
parent 8e4959a621
commit 09a585c93b
No known key found for this signature in database
GPG Key ID: F9CCC80C18A59037
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File

6
src/invidious/user/cookies.cr
Unescape Escape View File

@ -17,7 +17,8 @@ struct Invidious::User
value: sid, value: sid,
expires: Time.utc + 2.years, expires: Time.utc + 2.years,
secure: SECURE, secure: SECURE,
http_only: true http_only: true,
samesite: HTTP::Cookie::SameSite::Strict
) )
end end
@ -30,7 +31,8 @@ struct Invidious::User
value: URI.encode_www_form(preferences.to_json), value: URI.encode_www_form(preferences.to_json),
expires: Time.utc + 2.years, expires: Time.utc + 2.years,
secure: SECURE, secure: SECURE,
http_only: false http_only: false,
samesite: HTTP::Cookie::SameSite::Strict
) )
end end
end end

Write Preview
Loading…
Cancel
Save