Switch to SameSiteLaxMode

2024-09-19 01:56:31 +01:00 · 2024-02-15 14:44:25 +00:00 · 2024-02-15 14:44:25 +00:00 · 48135101cd
commit 48135101cd
parent 37b5fcb1a5
4 changed files with 4 additions and 4 deletions
--- a/server/edit.go
+++ b/server/edit.go
@ -32,7 +32,7 @@ func (h *HttpServer) EditGet(rw http.ResponseWriter, _ *http.Request, _ httprout
 		Path:     "/",
 		Expires:  time.Now().Add(10 * time.Minute),
 		Secure:   true,
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteLaxMode,
 	})
 	pages.RenderPageTemplate(rw, "edit", map[string]any{
 		"ServiceName":  h.conf.ServiceName,
--- a/server/home.go
+++ b/server/home.go
@ -19,7 +19,7 @@ func (h *HttpServer) Home(rw http.ResponseWriter, req *http.Request, _ httproute
 		Path:     "/",
 		Expires:  time.Now().Add(10 * time.Minute),
 		Secure:   true,
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteLaxMode,
 	})

 	if auth.IsGuest() {
--- a/server/login.go
+++ b/server/login.go
@ -162,7 +162,7 @@ func (h *HttpServer) setLoginDataCookie(rw http.ResponseWriter, authData UserAut
 		Path:     "/",
 		Expires:  time.Now().AddDate(1, 0, 0),
 		Secure:   true,
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteLaxMode,
 	})
 	return false
 }
--- a/server/server.go
+++ b/server/server.go
@ -134,7 +134,7 @@ func NewHttpServer(conf Conf, db *database.DB, signingKey mjwt.Signer) *http.Ser
 				Path:     "/",
 				MaxAge:   -1,
 				Secure:   true,
-				SameSite: http.SameSiteStrictMode,
+				SameSite: http.SameSiteLaxMode,
 			})

 			http.Redirect(rw, req, "/", http.StatusFound)