Add SameSite setting when clearing session cookie

commit: f6088d36cba96fbe512684363daf4d7ada000a78 [log] [tgz]
author: Robert Newson <rnewson@apache.org> Mon Dec 06 13:55:34 2021 +0000
committer: Robert Newson <rnewson@apache.org> Mon Dec 06 13:55:34 2021 +0000
tree: d74ee53fc32bd4c05f506915b2f85e50cea66aa9
parent: cb6aff46b65b68fd48293971a11c29633a0e21ff [diff]
diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index fd420bb..ed6b1e6 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl

@@ -548,7 +548,7 @@
         "AuthSession",
         "",
         [{path, "/"}] ++
-            cookie_domain() ++ cookie_scheme(Req)
+            cookie_domain() ++ cookie_scheme(Req) ++ same_site()
     ),
     {Code, Headers} =
         case couch_httpd:qs_value(Req, "next", nil) of
commit	f6088d36cba96fbe512684363daf4d7ada000a78	[log] [tgz]
author	Robert Newson <rnewson@apache.org>	Mon Dec 06 13:55:34 2021 +0000
committer	Robert Newson <rnewson@apache.org>	Mon Dec 06 13:55:34 2021 +0000
tree	d74ee53fc32bd4c05f506915b2f85e50cea66aa9
parent	cb6aff46b65b68fd48293971a11c29633a0e21ff [diff]