Use SameSite=none for oauth state cookie
Oscariremma committed Sep 27, 2024
1 parent 6e91938 commit 585d433
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion internal/app/web/authentication.go
Expand Up @@ -50,7 +50,8 @@ func generateLoginURL(c *gin.Context) (string, error) {
fmt.Println("Failed to generate state")
return "", err
}
c.SetCookie("oauth_state", state, int(time.Hour.Seconds()), "/", os.Getenv("COOKIE_DOMAIN"), c.Request.TLS != nil, true)
c.SetSameSite(http.SameSiteNoneMode)
c.SetCookie("oauth_state", state, int(time.Hour.Seconds()), "/", os.Getenv("COOKIE_DOMAIN"), true, true)
return client.AuthCodeURL(state), nil
}
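Review bot: `c.SetSameSite(http.SameSiteNoneMode)` lets the `oauth_state` cookie travel on every cross-site request, which loosens the cookie the state check relies on, and nothing in the hunk records why that is needed. If the provider returns to the callback with a top-level GET redirect, Lax is already sent there, so `c.SetSameSite(http.SameSiteLaxMode)` would keep the tighter scope; if the callback really arrives as a cross-site POST or inside a frame, say so in a comment such as `// SameSite=None: callback arrives cross-site (POST/frame), Lax would drop the cookie`. In gin the SameSite value is stored on the context, so any cookie set later in the same request would presumably inherit None too; setting it back after `SetCookie`, or documenting that no other cookie is written on this path, avoids that surprise. The hard-coded `true` for Secure is required by None and is more reliable than `c.Request.TLS != nil` behind a TLS-terminating proxy, but browsers generally refuse Secure cookies from plain-HTTP origins, so a non-TLS setup would fail the state check. generateLoginURL begins above the hunk, so its earlier lines were not reviewed.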
