From c2c42418609d164a234629113bc4368d9840d6d3 Mon Sep 17 00:00:00 2001 From: Joe Haddad Date: Mon, 30 Mar 2020 12:47:26 -0400 Subject: [PATCH] Use Lax Cookie for Preview Mode (#11495) * Use Lax Cookie for Preview Mode * Fix tests --- packages/next/next-server/server/api-utils.ts | 8 ++++---- .../getserversideprops-preview/test/index.test.js | 12 ++++++------ .../integration/prerender-preview/test/index.test.js | 12 ++++++------ 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/packages/next/next-server/server/api-utils.ts b/packages/next/next-server/server/api-utils.ts index 5d7a6b166e644..27908d045ceaa 100644 --- a/packages/next/next-server/server/api-utils.ts +++ b/packages/next/next-server/server/api-utils.ts @@ -394,7 +394,7 @@ function setPreviewData( : []), serialize(COOKIE_NAME_PRERENDER_BYPASS, options.previewModeId, { httpOnly: true, - sameSite: 'strict', + sameSite: 'lax', path: '/', ...(options.maxAge !== undefined ? ({ maxAge: options.maxAge } as CookieSerializeOptions) @@ -402,7 +402,7 @@ function setPreviewData( }), serialize(COOKIE_NAME_PRERENDER_DATA, payload, { httpOnly: true, - sameSite: 'strict', + sameSite: 'lax', path: '/', ...(options.maxAge !== undefined ? ({ maxAge: options.maxAge } as CookieSerializeOptions) @@ -431,7 +431,7 @@ function clearPreviewData(res: NextApiResponse): NextApiResponse { // `Max-Age: 0` is not valid, thus ignored, and the cookie is persisted. expires: new Date(0), httpOnly: true, - sameSite: 'strict', + sameSite: 'lax', path: '/', }), serialize(COOKIE_NAME_PRERENDER_DATA, '', { @@ -440,7 +440,7 @@ function clearPreviewData(res: NextApiResponse): NextApiResponse { // `Max-Age: 0` is not valid, thus ignored, and the cookie is persisted. expires: new Date(0), httpOnly: true, - sameSite: 'strict', + sameSite: 'lax', path: '/', }), ]) diff --git a/test/integration/getserversideprops-preview/test/index.test.js b/test/integration/getserversideprops-preview/test/index.test.js index 289160dfa3df2..d9d047f2fd4c5 100644 --- a/test/integration/getserversideprops-preview/test/index.test.js +++ b/test/integration/getserversideprops-preview/test/index.test.js @@ -74,10 +74,10 @@ function runTests(startServer = nextStart) { .map(cookie.parse) expect(cookies.length).toBe(2) - expect(cookies[0]).toMatchObject({ Path: '/', SameSite: 'Strict' }) + expect(cookies[0]).toMatchObject({ Path: '/', SameSite: 'Lax' }) expect(cookies[0]).toHaveProperty('__prerender_bypass') expect(cookies[0]).not.toHaveProperty('Max-Age') - expect(cookies[1]).toMatchObject({ Path: '/', SameSite: 'Strict' }) + expect(cookies[1]).toMatchObject({ Path: '/', SameSite: 'Lax' }) expect(cookies[1]).toHaveProperty('__next_preview_data') expect(cookies[1]).not.toHaveProperty('Max-Age') @@ -135,21 +135,21 @@ function runTests(startServer = nextStart) { const cookies = res.headers .get('set-cookie') - .replace(/(=\w{3}),/g, '$1') + .replace(/(=(?!Lax)\w{3}),/g, '$1') .split(',') .map(cookie.parse) expect(cookies.length).toBe(2) expect(cookies[0]).toMatchObject({ Path: '/', - SameSite: 'Strict', + SameSite: 'Lax', Expires: 'Thu 01 Jan 1970 00:00:00 GMT', }) expect(cookies[0]).toHaveProperty('__prerender_bypass') expect(cookies[0]).not.toHaveProperty('Max-Age') expect(cookies[1]).toMatchObject({ Path: '/', - SameSite: 'Strict', + SameSite: 'Lax', Expires: 'Thu 01 Jan 1970 00:00:00 GMT', }) expect(cookies[1]).toHaveProperty('__next_preview_data') @@ -266,7 +266,7 @@ describe('ServerSide Props Preview Mode', () => { const cookies = res.headers .get('set-cookie') - .replace(/(=\w{3}),/g, '$1') + .replace(/(=(?!Lax)\w{3}),/g, '$1') .split(',') .map(cookie.parse) diff --git a/test/integration/prerender-preview/test/index.test.js b/test/integration/prerender-preview/test/index.test.js index a8abd24ccfc71..79b91ada0e2e3 100644 --- a/test/integration/prerender-preview/test/index.test.js +++ b/test/integration/prerender-preview/test/index.test.js @@ -80,10 +80,10 @@ function runTests(startServer = nextStart) { .map(cookie.parse) expect(cookies.length).toBe(2) - expect(cookies[0]).toMatchObject({ Path: '/', SameSite: 'Strict' }) + expect(cookies[0]).toMatchObject({ Path: '/', SameSite: 'Lax' }) expect(cookies[0]).toHaveProperty('__prerender_bypass') expect(cookies[0]).not.toHaveProperty('Max-Age') - expect(cookies[1]).toMatchObject({ Path: '/', SameSite: 'Strict' }) + expect(cookies[1]).toMatchObject({ Path: '/', SameSite: 'Lax' }) expect(cookies[1]).toHaveProperty('__next_preview_data') expect(cookies[1]).not.toHaveProperty('Max-Age') @@ -141,21 +141,21 @@ function runTests(startServer = nextStart) { const cookies = res.headers .get('set-cookie') - .replace(/(=\w{3}),/g, '$1') + .replace(/(=(?!Lax)\w{3}),/g, '$1') .split(',') .map(cookie.parse) expect(cookies.length).toBe(2) expect(cookies[0]).toMatchObject({ Path: '/', - SameSite: 'Strict', + SameSite: 'Lax', Expires: 'Thu 01 Jan 1970 00:00:00 GMT', }) expect(cookies[0]).toHaveProperty('__prerender_bypass') expect(cookies[0]).not.toHaveProperty('Max-Age') expect(cookies[1]).toMatchObject({ Path: '/', - SameSite: 'Strict', + SameSite: 'Lax', Expires: 'Thu 01 Jan 1970 00:00:00 GMT', }) expect(cookies[1]).toHaveProperty('__next_preview_data') @@ -266,7 +266,7 @@ describe('Prerender Preview Mode', () => { const cookies = res.headers .get('set-cookie') - .replace(/(=\w{3}),/g, '$1') + .replace(/(=(?!Lax)\w{3}),/g, '$1') .split(',') .map(cookie.parse)