diff options
author | Robert Newson <rnewson@apache.org> | 2021-12-09 19:14:35 +0000 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2021-12-09 19:14:35 +0000 |
commit | c12f0a723cc213679bb90cd263b1187b153627d9 (patch) | |
tree | d0ea7eada1618b84644c2ae6c821a9f6e7793b5d | |
parent | 728f3b936b2eb7f9572ebf90d6887a3c2849f571 (diff) | |
download | couchdb-delete-session-cookie-samesite-2-3.x.tar.gz |
Add SameSite setting when clearing session cookie (2)delete-session-cookie-samesite-2-3.x
I missed a case.
-rw-r--r-- | src/couch/src/couch_httpd_auth.erl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl index 757f055f1..b4044803f 100644 --- a/src/couch/src/couch_httpd_auth.erl +++ b/src/couch/src/couch_httpd_auth.erl @@ -447,7 +447,7 @@ handle_session_req(#httpd{method = 'POST', mochi_req = MochiReq} = Req, AuthModu authentication_warning(Req, UserName), % clear the session Cookie = mochiweb_cookies:cookie( - "AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req) + "AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req) ++ same_site() ), {Code, Headers} = case couch_httpd:qs_value(Req, "fail", nil) of |