Skip to content
Permalink
Browse files

Merge pull request #1870 from transcom/cg_disable_samesite_cookie

Cg disable samesite cookie
  • Loading branch information...
chrisgilmerproj committed Mar 14, 2019
2 parents 379b766 + dcde13c commit 4687865f2ad57b470c5defe8f2252a97f112dc08
Showing with 1 addition and 1 deletion.
  1. +1 −1 pkg/auth/cookie.go
@@ -148,7 +148,7 @@ func WriteSessionCookie(w http.ResponseWriter, session *Session, secret string,
Path: "/",
Expires: time.Unix(0, 0),
MaxAge: -1,
SameSite: http.SameSiteStrictMode,
SameSite: http.SameSiteLaxMode, // Using 'strict' breaks the use of the login.gov redirect
Secure: useSecureCookie,
}

0 comments on commit 4687865

Please sign in to comment.
You can’t perform that action at this time.