Add SameSite setting when clearing session cookie (2)delete-session-cookie-samesite-2-main

I missed a case.
author: Robert Newson <rnewson@apache.org> 2021-12-09 19:17:59 +0000
committer: Robert Newson <rnewson@apache.org> 2021-12-09 19:18:18 +0000
commit: 044ed4a9347c9ab944f826f98996694499e85ee8 (patch)
tree: 24d197b1cb9b16158bbbb2e6e939e4786db942af
parent: e914239e350c75c9d0c2ec701e91ee7561f195e3 (diff)
download: couchdb-delete-session-cookie-samesite-2-main.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index ed6b1e604..5bf0c24e1 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -486,7 +486,7 @@ handle_session_req(#httpd{method = 'POST', mochi_req = MochiReq} = Req, AuthModu
             authentication_warning(Req, UserName),
             % clear the session
             Cookie = mochiweb_cookies:cookie(
-                "AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req)
+                "AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req) ++ same_site()
             ),
             {Code, Headers} =
                 case couch_httpd:qs_value(Req, "fail", nil) of
author	Robert Newson <rnewson@apache.org>	2021-12-09 19:17:59 +0000
committer	Robert Newson <rnewson@apache.org>	2021-12-09 19:18:18 +0000
commit	044ed4a9347c9ab944f826f98996694499e85ee8 (patch)
tree	24d197b1cb9b16158bbbb2e6e939e4786db942af
parent	e914239e350c75c9d0c2ec701e91ee7561f195e3 (diff)
download	couchdb-delete-session-cookie-samesite-2-main.tar.gz