authorMike Crute <mike@crute.us>2021-11-17 15:48:12 -0800
committerMike Crute <mike@crute.us>2021-11-17 15:48:12 -0800
commit0049bdd2ab6b6b743e9a0cf89f6cbabc8b08e2d4 (patch)
tree0ca6d471479049d52bf48210f65e6028487e80a6
parent375654659ce828de4c24035c023c9ab551a37410 (diff)
Cookies should be SameSite=Lax
Strict means that cookies won't be sent on sub-requests, as is the case when using a JSON formatter browser extension.
-rw-r--r--app/middleware/auth.go4
1 files changed, 2 insertions, 2 deletions
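--- a/app/middleware/auth.go
+++ b/app/middleware/auth.go
@@ -74,7 +74,7 @@ func (m *AuthenticationMiddleware) redirectToGitHubAuth(c echo.Context) error {
 Path: "/",
 Secure: true,
 HttpOnly: true,
-SameSite: http.SameSiteStrictMode,
+SameSite: http.SameSiteLaxMode,
 })
 
 return c.Redirect(http.StatusFound, redir)
@@ -217,7 +217,7 @@ func (m *AuthenticationMiddleware) HandleCompleteLogin(c echo.Context) error {
 Path: "/",
 MaxAge: int(m.CookieDuration.Seconds()),
 Secure: true,
-SameSite: http.SameSiteStrictMode,
+SameSite: http.SameSiteLaxMode,
 })
 
 return c.Redirect(http.StatusFound, "/")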
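Review bot: The cookie set in HandleCompleteLogin (the second hunk) still has no `HttpOnly: true`, while the cookie set in redirectToGitHubAuth in the first hunk does; if this is the session cookie that completes the login, any script running in the page can read it, so add `HttpOnly: true,` alongside `Secure: true,` unless client-side JavaScript genuinely needs to read the value. Relaxing both cookies from Strict to Lax also means they are now attached to top-level cross-site GET navigations, so any handler that previously relied on Strict for CSRF protection should be confirmed to accept only non-GET methods or to carry its own CSRF token. Recording the reason in the code would help the next reader, e.g. `// Lax rather than Strict so the cookie is still sent on sub-requests (see commit message)` above each SameSite line. Both enclosing functions start and end outside the hunks.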