bbangert / beaker

WSGI middleware for sessions and caching

https://beaker.readthedocs.org/

Other

517 stars 146 forks source link

Set samesite cookie attribute on cookie creation #165

Closed dwang159 closed 6 years ago

dwang159 commented 6 years ago

159 adds support for the SameSite flag in cookie sessions, but does not set this option when the cookie is created. As a result, the `session.samesite` option does not actually set the SameSite flag in many cases. This resolves the above issue.

amol- commented 6 years ago

@dwang159 mind adding a test that demonstrates the problem? I wan't to prevent regressions on this issue and generally all tickets require a test to be merged.

dwang159 commented 6 years ago

Added a test as requested, mirroring one in test_cookie_domain_only. Verified that this test fails before 63a719a and passes after.

bbangert / beaker

Set samesite cookie attribute on cookie creation #165

159 adds support for the SameSite flag in cookie sessions, but does not set this option when the cookie is created. As a result, the session.samesite option does not actually set the SameSite flag in many cases. This resolves the above issue.

159 adds support for the SameSite flag in cookie sessions, but does not set this option when the cookie is created. As a result, the `session.samesite` option does not actually set the SameSite flag in many cases. This resolves the above issue.