summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Newson <rnewson@apache.org>2021-12-06 13:48:25 +0000
committerRobert Newson <rnewson@apache.org>2021-12-06 13:52:16 +0000
commitb59d65e68fa22f8562d84e575f36c6035f303130 (patch)
tree4dbaf38f21d139b8e68fd90abbf3b7a9f12a1ab6
parent5522f42bb2a74d8a87ffe157abcace5681232c95 (diff)
downloadcouchdb-b59d65e68fa22f8562d84e575f36c6035f303130.tar.gz
Add SameSite setting when clearing session cookie
-rw-r--r--src/couch/src/couch_httpd_auth.erl2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index 7bcb85fba..757f055f1 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -509,7 +509,7 @@ handle_session_req(#httpd{method = 'DELETE'} = Req, _AuthModule) ->
"AuthSession",
"",
[{path, "/"}] ++
- cookie_domain() ++ cookie_scheme(Req)
+ cookie_domain() ++ cookie_scheme(Req) ++ same_site()
),
{Code, Headers} =
case couch_httpd:qs_value(Req, "next", nil) of