commit fa5f84c4697767c8d1f3733d88782ec750d82b04
author kevan Jahanshahi <jkevan@apache.org> Fri Mar 24 10:38:45 2023 +0100
committer GitHub <noreply@github.com> Fri Mar 24 10:38:45 2023 +0100
tree 3d306c617fa0f90550ea41158387c2583e05db8d
parent d96122f9d42968f0bd093ab1155d94f5493fd97c

UNOMI-756: set cookies as secure when https protocol is used (#15)

* UNOMI-756: set cookies as secure when https protocol is used

* UNOMI-756: set cookies as secure when https protocol is used

src/apache-unomi-tracker.js

diff --git a/src/apache-unomi-tracker.js b/src/apache-unomi-tracker.js
index 3a262c9..3207722 100644
--- a/src/apache-unomi-tracker.js
+++ b/src/apache-unomi-tracker.js
@@ -572,13 +572,15 @@
          * @return {undefined}
          */
         setCookie: function (cookieName, cookieValue, expireDays) {
-            var expires = '';
+            let expires = '';
             if (expireDays) {
                 var d = new Date();
                 d.setTime(d.getTime() + (expireDays * 24 * 60 * 60 * 1000));
                 expires = '; expires=' + d.toUTCString();
             }
-            document.cookie = cookieName + '=' + cookieValue + expires + '; path=/; SameSite=Strict';
+
+            let secure = location.protocol === 'https:' ? '; secure' : '';
+            document.cookie = cookieName + '=' + cookieValue + expires + '; path=/; SameSite=Strict' + secure;
         },
 
         /**
@@ -1367,8 +1369,8 @@
             // remove cookies, reset cxs
             if (!enable) {
                 wem.cxs = {};
-                document.cookie = wem.trackerProfileIdCookieName + '=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
-                document.cookie = wem.contextServerCookieName + '=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+                wem.removeCookie(wem.contextServerCookieName);
+                wem.removeCookie(wem.trackerProfileIdCookieName);
                 delete wem.contextLoaded;
             } else {
                 if (wem.DOMLoaded) {