Fossil SCM

Removed the SameSite=strict cookie setting in order to rule out whether it is the cause for the login cookie not being submitted when reaching the site via a GMail-induced redirect.

stephan 2020-07-29 16:15 trunk

Commit 1ac2e7326b689c0787fc9b5d5477dcf62b3c3ac2e049d5bc2a74def0cfb8d332

Parent 0cda82eb2fc2a30…

1 file changed +2 -2

~ src/cgi.c

M src/cgi.c

+2 -2

		--- src/cgi.c
		+++ src/cgi.c
		@@ -255,15 +255,15 @@
255	255	zSecure = " secure;";
256	256	}
257	257	if( lifetime!=0 ){
258	258	blob_appendf(&extraHeader,
259	259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260		- "SameSite=strict; %s Version=1\r\n",
	260	+ "%s Version=1\r\n",
261	261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	262	}else{
263	263	blob_appendf(&extraHeader,
264		- "Set-Cookie: %s=%t; Path=%s; HttpOnly; SameSite=strict; "
	264	+ "Set-Cookie: %s=%t; Path=%s; HttpOnly; "
265	265	"%s Version=1\r\n",
266	266	zName, zValue, zPath, zSecure);
267	267	}
268	268	}
269	269
270	270

	--- src/cgi.c
	+++ src/cgi.c
	@@ -255,15 +255,15 @@
255	zSecure = " secure;";
256	}
257	if( lifetime!=0 ){
258	blob_appendf(&extraHeader,
259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260	"SameSite=strict; %s Version=1\r\n",
261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	}else{
263	blob_appendf(&extraHeader,
264	"Set-Cookie: %s=%t; Path=%s; HttpOnly; SameSite=strict; "
265	"%s Version=1\r\n",
266	zName, zValue, zPath, zSecure);
267	}
268	}
269
270

	--- src/cgi.c
	+++ src/cgi.c
	@@ -255,15 +255,15 @@
255	zSecure = " secure;";
256	}
257	if( lifetime!=0 ){
258	blob_appendf(&extraHeader,
259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260	"%s Version=1\r\n",
261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	}else{
263	blob_appendf(&extraHeader,
264	"Set-Cookie: %s=%t; Path=%s; HttpOnly; "
265	"%s Version=1\r\n",
266	zName, zValue, zPath, zSecure);
267	}
268	}
269
270

Fossil SCM

Keyboard Shortcuts