Fossil SCM

Removed the newly-added SameSite=strict cookie setting to test whether it is the cause of session-cookie login grief on my hoster.

stephan 2020-07-26 20:10 login-session-cookie

Commit 80025e706d03ad696134be8fb040c138603b90c5b968a00cdc032b2c67e246c6

Parent 32975aabe7ea4c4…

1 file changed +2 -3

M src/cgi.c

+2 -3

		--- src/cgi.c
		+++ src/cgi.c
		@@ -255,16 +255,15 @@
255	255	zSecure = " secure;";
256	256	}
257	257	if( lifetime!=0 ){
258	258	blob_appendf(&extraHeader,
259	259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260		- "SameSite=strict; %s Version=1\r\n",
	260	+ "%s Version=1\r\n",
261	261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	262	}else{
263	263	blob_appendf(&extraHeader,
264		- "Set-Cookie: %s=%t; Path=%s; HttpOnly; SameSite=strict; "
265		- "%s Version=1\r\n",
	264	+ "Set-Cookie: %s=%t; Path=%s; HttpOnly; %s Version=1\r\n",
266	265	zName, zValue, zPath, zSecure);
267	266	}
268	267	}
269	268
270	269
271	270

	--- src/cgi.c
	+++ src/cgi.c
	@@ -255,16 +255,15 @@
255	zSecure = " secure;";
256	}
257	if( lifetime!=0 ){
258	blob_appendf(&extraHeader,
259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260	"SameSite=strict; %s Version=1\r\n",
261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	}else{
263	blob_appendf(&extraHeader,
264	"Set-Cookie: %s=%t; Path=%s; HttpOnly; SameSite=strict; "
265	"%s Version=1\r\n",
266	zName, zValue, zPath, zSecure);
267	}
268	}
269
270
271

	--- src/cgi.c
	+++ src/cgi.c
	@@ -255,16 +255,15 @@
255	zSecure = " secure;";
256	}
257	if( lifetime!=0 ){
258	blob_appendf(&extraHeader,
259	"Set-Cookie: %s=%t; Path=%s; max-age=%d; HttpOnly; "
260	"%s Version=1\r\n",
261	zName, lifetime>0 ? zValue : "null", zPath, lifetime, zSecure);
262	}else{
263	blob_appendf(&extraHeader,
264	"Set-Cookie: %s=%t; Path=%s; HttpOnly; %s Version=1\r\n",

265	zName, zValue, zPath, zSecure);
266	}
267	}
268
269
270