mirror of
https://github.com/go-gitea/gitea
synced 2024-12-01 13:43:11 +01:00
Add missing SameSite settings for the i_like_gitea cookie (#16037)
The i_like_gitea cookie appears to be missing the SameSite settings. I think they were present at some point but may have been removed in a merge. This PR ensures that they are set. Fix #15972 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
7a484c0788
commit
cbf30830d2
3 changed files with 3 additions and 0 deletions
|
@ -557,6 +557,7 @@ func Routes() *web.Route {
|
||||||
Gclifetime: setting.SessionConfig.Gclifetime,
|
Gclifetime: setting.SessionConfig.Gclifetime,
|
||||||
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
||||||
Secure: setting.SessionConfig.Secure,
|
Secure: setting.SessionConfig.Secure,
|
||||||
|
SameSite: setting.SessionConfig.SameSite,
|
||||||
Domain: setting.SessionConfig.Domain,
|
Domain: setting.SessionConfig.Domain,
|
||||||
}))
|
}))
|
||||||
m.Use(securityHeaders())
|
m.Use(securityHeaders())
|
||||||
|
|
|
@ -94,6 +94,7 @@ func InstallRoutes() *web.Route {
|
||||||
Gclifetime: setting.SessionConfig.Gclifetime,
|
Gclifetime: setting.SessionConfig.Gclifetime,
|
||||||
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
||||||
Secure: setting.SessionConfig.Secure,
|
Secure: setting.SessionConfig.Secure,
|
||||||
|
SameSite: setting.SessionConfig.SameSite,
|
||||||
Domain: setting.SessionConfig.Domain,
|
Domain: setting.SessionConfig.Domain,
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
|
|
@ -161,6 +161,7 @@ func WebRoutes() *web.Route {
|
||||||
Gclifetime: setting.SessionConfig.Gclifetime,
|
Gclifetime: setting.SessionConfig.Gclifetime,
|
||||||
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
Maxlifetime: setting.SessionConfig.Maxlifetime,
|
||||||
Secure: setting.SessionConfig.Secure,
|
Secure: setting.SessionConfig.Secure,
|
||||||
|
SameSite: setting.SessionConfig.SameSite,
|
||||||
Domain: setting.SessionConfig.Domain,
|
Domain: setting.SessionConfig.Domain,
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue