Add SameSite setting when clearing session cookie

author: Robert Newson <rnewson@apache.org> 2021-12-06 13:48:25 +0000
committer: Robert Newson <rnewson@apache.org> 2021-12-06 13:52:16 +0000
commit: b59d65e68fa22f8562d84e575f36c6035f303130 (patch)
tree: 4dbaf38f21d139b8e68fd90abbf3b7a9f12a1ab6
parent: 5522f42bb2a74d8a87ffe157abcace5681232c95 (diff)
download: couchdb-b59d65e68fa22f8562d84e575f36c6035f303130.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index 7bcb85fba..757f055f1 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -509,7 +509,7 @@ handle_session_req(#httpd{method = 'DELETE'} = Req, _AuthModule) ->
         "AuthSession",
         "",
         [{path, "/"}] ++
-            cookie_domain() ++ cookie_scheme(Req)
+            cookie_domain() ++ cookie_scheme(Req) ++ same_site()
     ),
     {Code, Headers} =
         case couch_httpd:qs_value(Req, "next", nil) of
author	Robert Newson <rnewson@apache.org>	2021-12-06 13:48:25 +0000
committer	Robert Newson <rnewson@apache.org>	2021-12-06 13:52:16 +0000
commit	b59d65e68fa22f8562d84e575f36c6035f303130 (patch)
tree	4dbaf38f21d139b8e68fd90abbf3b7a9f12a1ab6
parent	5522f42bb2a74d8a87ffe157abcace5681232c95 (diff)
download	couchdb-b59d65e68fa22f8562d84e575f36c6035f303130.tar.gz