Request: Add sameSite parameter to unset_cookie

falconry / falcon

The no-magic web data plane API and microservices framework for Python developers, with a focus on reliability, correctness, and performance at scale.

https://falcon.readthedocs.io/en/stable/

Apache License 2.0

9.51k stars 937 forks source link

Request: Add sameSite parameter to unset_cookie #2124

Closed agulab closed 1 year ago

agulab commented 1 year ago

It would be appreciated if I could use the _unsetcookie method to unset a cookie I created with the parameter sameSite='None'. Otherwise, I'm forced to use _setcookie for the sole purpose of unsetting that cookie...

With current behaviour, sameSite is set to 'Lax' by default and so the browser ignores it because I'm using different domains for front and backend, and so using Cross Site requests.

Thank you

CaselIT commented 1 year ago

Hi,

thanks for reporting. I agree that it makes sense. We can keep the default samesite to lax, but allow users to override it.

TigreModerata commented 1 year ago

Hi, I just submitted a draft in a pull request.

vytas7 commented 1 year ago

Awesome, thanks, we'll take a look!