Add SameSite setting when clearing session cookiedelete-session-cookie-samesite-main

author: Robert Newson <rnewson@apache.org> 2021-12-06 13:55:34 +0000
committer: Robert Newson <rnewson@apache.org> 2021-12-06 13:55:34 +0000
commit: f6088d36cba96fbe512684363daf4d7ada000a78 (patch)
tree: d74ee53fc32bd4c05f506915b2f85e50cea66aa9
parent: cb6aff46b65b68fd48293971a11c29633a0e21ff (diff)
download: couchdb-delete-session-cookie-samesite-main.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index fd420bbb0..ed6b1e604 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -548,7 +548,7 @@ handle_session_req(#httpd{method = 'DELETE'} = Req, _AuthModule) ->
         "AuthSession",
         "",
         [{path, "/"}] ++
-            cookie_domain() ++ cookie_scheme(Req)
+            cookie_domain() ++ cookie_scheme(Req) ++ same_site()
     ),
     {Code, Headers} =
         case couch_httpd:qs_value(Req, "next", nil) of
author	Robert Newson <rnewson@apache.org>	2021-12-06 13:55:34 +0000
committer	Robert Newson <rnewson@apache.org>	2021-12-06 13:55:34 +0000
commit	f6088d36cba96fbe512684363daf4d7ada000a78 (patch)
tree	d74ee53fc32bd4c05f506915b2f85e50cea66aa9
parent	cb6aff46b65b68fd48293971a11c29633a0e21ff (diff)
download	couchdb-delete-session-cookie-samesite-main.tar.gz