forked from midou/invidious
Add sameSite policy in cookie management in server side
This commit is contained in:
parent
8e4959a621
commit
09a585c93b
@ -17,7 +17,8 @@ struct Invidious::User
|
|||||||
value: sid,
|
value: sid,
|
||||||
expires: Time.utc + 2.years,
|
expires: Time.utc + 2.years,
|
||||||
secure: SECURE,
|
secure: SECURE,
|
||||||
http_only: true
|
http_only: true,
|
||||||
|
samesite: HTTP::Cookie::SameSite::Strict
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -30,7 +31,8 @@ struct Invidious::User
|
|||||||
value: URI.encode_www_form(preferences.to_json),
|
value: URI.encode_www_form(preferences.to_json),
|
||||||
expires: Time.utc + 2.years,
|
expires: Time.utc + 2.years,
|
||||||
secure: SECURE,
|
secure: SECURE,
|
||||||
http_only: false
|
http_only: false,
|
||||||
|
samesite: HTTP::Cookie::SameSite::Strict
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user