Skip to content

Commit cbf3083

Browse files
zeripathzeripath
authored
Add missing SameSite settings for the i_like_gitea cookie (#16037)
The i_like_gitea cookie appears to be missing the SameSite settings. I think they were present at some point but may have been removed in a merge. This PR ensures that they are set. Fix #15972 Signed-off-by: Andrew Thornton <[email protected]>
1 parent 7a484c0 commit cbf3083

File tree

3 files changed

+3
-0
lines changed

3 files changed

+3
-0
lines changed

routers/api/v1/api.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -557,6 +557,7 @@ func Routes() *web.Route {
557557
Gclifetime: setting.SessionConfig.Gclifetime,
558558
Maxlifetime: setting.SessionConfig.Maxlifetime,
559559
Secure: setting.SessionConfig.Secure,
560+
SameSite: setting.SessionConfig.SameSite,
560561
Domain: setting.SessionConfig.Domain,
561562
}))
562563
m.Use(securityHeaders())

routers/routes/install.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,6 +94,7 @@ func InstallRoutes() *web.Route {
9494
Gclifetime: setting.SessionConfig.Gclifetime,
9595
Maxlifetime: setting.SessionConfig.Maxlifetime,
9696
Secure: setting.SessionConfig.Secure,
97+
SameSite: setting.SessionConfig.SameSite,
9798
Domain: setting.SessionConfig.Domain,
9899
}))
99100

routers/routes/web.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -161,6 +161,7 @@ func WebRoutes() *web.Route {
161161
Gclifetime: setting.SessionConfig.Gclifetime,
162162
Maxlifetime: setting.SessionConfig.Maxlifetime,
163163
Secure: setting.SessionConfig.Secure,
164+
SameSite: setting.SessionConfig.SameSite,
164165
Domain: setting.SessionConfig.Domain,
165166
}))
166167

0 commit comments

Comments
 (0)