external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

add util.add_samesite_fields(response, value)

Browse source 
This function adds f"SameSite={value}" to each cookie's header
stored in response.

This is needed because starlette does not currently support
the `samesite` argument in Response.set_cookie. It is merged,
however, and waiting for next release.

Signed-off-by: Kevin Morris <kevr@0cost.org>
This commit is contained in:
Kevin Morris 2021-06-12 03:23:58 -07:00
parent ec632a7091
commit 91dc3efc75
6 changed files with 23 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

3
aurweb/routers/auth.py
View file

@ -6,6 +6,7 @@ from fastapi.responses import HTMLResponse, RedirectResponse
import aurweb.config
from aurweb import util
from aurweb.auth import auth_required
from aurweb.models.user import User
from aurweb.templates import make_context, render_template
@ -63,7 +64,7 @@ async def login_post(request: Request,
secure_cookies = aurweb.config.getboolean("options", "disable_http_login")
response.set_cookie("AURSID", sid, expires=expires_at,
secure=secure_cookies, httponly=True)
return response
return util.add_samesite_fields(response, "strict")
@router.get("/logout")