make Pleroma.Endpoint use extra_cookie_attrs in config
This commit is contained in:
parent
10096bbf2b
commit
6e26ac10a3
1 changed files with 4 additions and 9 deletions
|
@ -58,14 +58,9 @@ defmodule Pleroma.Web.Endpoint do
|
||||||
do: "__Host-pleroma_key",
|
do: "__Host-pleroma_key",
|
||||||
else: "pleroma_key"
|
else: "pleroma_key"
|
||||||
|
|
||||||
same_site =
|
extra =
|
||||||
if Pleroma.Config.oauth_consumer_enabled?() do
|
Pleroma.Config.get([__MODULE__, :extra_cookie_attrs])
|
||||||
# Note: "SameSite=Strict" prevents sign in with external OAuth provider
|
|> Enum.join(";")
|
||||||
# (there would be no cookies during callback request from OAuth provider)
|
|
||||||
"SameSite=Lax"
|
|
||||||
else
|
|
||||||
"SameSite=Strict"
|
|
||||||
end
|
|
||||||
|
|
||||||
# The session will be stored in the cookie and signed,
|
# The session will be stored in the cookie and signed,
|
||||||
# this means its contents can be read but not tampered with.
|
# this means its contents can be read but not tampered with.
|
||||||
|
@ -77,7 +72,7 @@ defmodule Pleroma.Web.Endpoint do
|
||||||
signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
|
signing_salt: {Pleroma.Config, :get, [[__MODULE__, :signing_salt], "CqaoopA2"]},
|
||||||
http_only: true,
|
http_only: true,
|
||||||
secure: secure_cookies,
|
secure: secure_cookies,
|
||||||
extra: same_site
|
extra: extra
|
||||||
)
|
)
|
||||||
|
|
||||||
# Note: the plug and its configuration is compile-time this can't be upstreamed yet
|
# Note: the plug and its configuration is compile-time this can't be upstreamed yet
|
||||||
|
|
Loading…
Reference in a new issue