API: Add SameSite Strict attribute to cookie

2020-09-10 09:45:20 +02:00 · 2020-09-10 09:45:20 +02:00 · e2419d545f
commit e2419d545f
parent 9b498b23a7
1 changed files with 1 additions and 0 deletions
--- a/api/user_auth.go
+++ b/api/user_auth.go
@ -120,6 +120,7 @@ func completeAuth(opts *config.Options, email string, service string) Response {
 			Expires:  time.Now().Add(30 * 24 * time.Hour),
 			Secure:   opts.DevProxy == "",
 			HttpOnly: true,
+			SameSite: http.SameSiteStrictMode,
 		}},
 	}
 }