Closed tvlieg closed 5 years ago
What you are trying to do seems the same of what this test does: https://github.com/bbangert/beaker/blob/master/tests/test_cookie_only.py#L305 which verifies that the samesite attribute is set on creation.
Can you provide a quick test that reproduces your issue?
You're right! I missed that commit; since I carried out the test with the latest release of beaker, whereas the commit that fixes the bug is not yet in a release. I'll close the issue.
Do you have any insights into when a new release will be issued?
Soon, just forgot about it. I'll make a release in the next 2-3 days.
released 1.10.1
The samesite flag is not properly set upon creation of a session.
This results in this cookie:
After logout (cookie delete) the flag is set:
This might be caused, because method
_set_cookie_values
(insession.py
) is only called in_update_cookie_out
and_delete_cookie
. This but renders the samesite cookie useless, so it would be nice if this could be fixed.