Open charJe opened 3 years ago
@charJe The current version on the master
branch has this option. It seems the latest release (1.3.0 at time of writing - also the one in QuickLisp) lacks the option.
You can clone the git repository in your quicklisp/local-projects
directory to use the up to date version.
Cloning the git repo in quicklisp/local-projects indeed provides the needed SameSite attribute in the cookie object. However, there isn't any easy way to set it when a session starts. I've temporarily solved this problem by adding (defparameter default-cookie-same-site nil) above that function in session.lilsp and setting :same-site to default-cookie-same-site in the start-session set-cookie call. Doing this makes it transparent to other users and allows me to change that global parameter after I load hunchentoot.
But I'm going to have to do that everytime I update hunchentoot. It would be nice to get some control over this built in in the project itself.
set-cookie
doesn't have a same-site option.