From 79950a81d4f1668e6a75bdcf818449256045449e Mon Sep 17 00:00:00 2001 From: ochan1 Date: Tue, 27 Apr 2021 05:00:57 -0700 Subject: [PATCH 1/4] Change SameSite to Lax in app.lua --- app.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app.lua b/app.lua index 77db00e3..328c875b 100644 --- a/app.lua +++ b/app.lua @@ -74,7 +74,7 @@ require 'responses' app.cookie_attributes = function(self) local expires = date(true):adddays(365):fmt("${http}") local secure = config._name ~= 'development' and " Secure" or "" - return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=None;" .. secure + return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=Lax;" .. secure end -- Remove the protocol and port from a URL From 4da86017317be82d7c2a0454d7cc3f114d81cc1a Mon Sep 17 00:00:00 2001 From: ochan1 Date: Tue, 27 Apr 2021 05:00:57 -0700 Subject: [PATCH 2/4] Change SameSite to Lax in app.lua --- app.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app.lua b/app.lua index 77db00e3..328c875b 100644 --- a/app.lua +++ b/app.lua @@ -74,7 +74,7 @@ require 'responses' app.cookie_attributes = function(self) local expires = date(true):adddays(365):fmt("${http}") local secure = config._name ~= 'development' and " Secure" or "" - return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=None;" .. secure + return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=Lax;" .. secure end -- Remove the protocol and port from a URL From 9bb04d3252fa41b6b9b43352d307924ff85824b8 Mon Sep 17 00:00:00 2001 From: ochan1 Date: Wed, 28 Apr 2021 01:50:46 -0700 Subject: [PATCH 3/4] SameSite Lax mode in Development only, None on Production --- app.lua | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/app.lua b/app.lua index 328c875b..5d3c7c9d 100644 --- a/app.lua +++ b/app.lua @@ -73,8 +73,13 @@ require 'responses' -- Make cookies persistent app.cookie_attributes = function(self) local expires = date(true):adddays(365):fmt("${http}") - local secure = config._name ~= 'development' and " Secure" or "" - return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=Lax;" .. secure + local secure = " " .. "Secure" + local sameSite = "None" + if (config._name == 'development') then + secure = "" + sameSite = "Lax" + end + return "Expires=" .. expires .. "; Path=/; HttpOnly; SameSite=" .. sameSite .. ";" .. secure end -- Remove the protocol and port from a URL From a712c5831c5890704d39872e0905adb49dac7a2c Mon Sep 17 00:00:00 2001 From: ochan1 Date: Sat, 24 Jul 2021 15:44:22 -0700 Subject: [PATCH 4/4] Removal of Chromoium bug text from INSTALL.md --- INSTALL.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index 7f1be0e1..e0b089d7 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -14,12 +14,6 @@ $ git clone --recursive https://github.com/bromagosa/snapCloud.git ## Development -### NOTE: Browser Selection for Cookies to work - -Chromium-based browsers will not save the cookies of your login session during the development of Snap!Cloud. They will work on the deployed wesite. - -As a result, it is recommended to use Firefox or Safari to load pages during development, and never Chromium browsers (Chrome, Opera, New Microsoft Edge, etc.). - ### Steps to look into When developing on Snap!Cloud on your local machine, the following sections are important: