SameSite=Strict breaks multisite

2024-09-03 20:06:27 +02:00 · 2018-11-19 16:06:12 +00:00 · 2018-11-19 16:06:12 +00:00 · 7be6e76cb8
commit 7be6e76cb8
parent 2699aa8db7
1 changed files with 3 additions and 3 deletions
--- a/helpers.lua
+++ b/helpers.lua
@ -148,7 +148,7 @@ function set_auth_cookie(user, domain)
                       "; Expires="..os.date("%a, %d %b %Y %X UTC", expire)..
                       "; Secure"..
                       "; HttpOnly"..
-                       "; SameSite=Strict ;;"
+                       "; SameSite=Lax ;;"

    ngx.header["Set-Cookie"] = {
        "SSOwAuthUser="..user..cookie_str,
@ -169,7 +169,7 @@ function delete_cookie()
                           "; Expires="..expired_time..
                           "; Secure"..
                           "; HttpOnly"..
-                           "; SameSite=Strict ;;"
+                           "; SameSite=Lax ;;"
        ngx.header["Set-Cookie"] = {
            "SSOwAuthUser="..cookie_str,
            "SSOwAuthHash="..cookie_str,
@ -186,7 +186,7 @@ function delete_redirect_cookie()
                       "; Expires="..expired_time..
                       "; Secure"..
                       "; HttpOnly"..
-                       "; SameSite=Strict ;;"
+                       "; SameSite=Lax ;;"
    ngx.header["Set-Cookie"] = "SSOwAuthRedirect=;" ..cookie_str
 end