From 138eb64e525cacdf894f652d9e851d5a14ec6645 Mon Sep 17 00:00:00 2001
From: Las Zenow
Date: Thu, 3 Dec 2020 16:26:30 +0000
Subject: [PATCH] Set SameSite to strict on the session cookie

---
 lib/session.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/session.go b/lib/session.go
index b3087b4..eb68372 100644
--- a/lib/session.go
+++ b/lib/session.go
@@ -10,7 +10,12 @@ import (
 "gitlab.com/trantor/trantor/lib/database"
 )
 
-var sesStore = sessions.NewCookieStore([]byte(os.Getenv("SESSION_KEY")))
+var sesStore *sessions.CookieStore
+
+func init() {
+ sesStore = sessions.NewCookieStore([]byte(os.Getenv("SESSION_KEY")))
+ sesStore.Options.SameSite = http.SameSiteStrictMode
+}
 
 type Notification struct {
 Title string
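Review bot: The new init() sets only SameSite on `sesStore.Options`, so the session cookie still takes the store's defaults for every other attribute. If nothing else in the package sets them, adding `sesStore.Options.HttpOnly = true` and, when the site is served only over HTTPS, `sesStore.Options.Secure = true` here would keep the cookie away from page scripts and plaintext requests. init() is also a natural place to reject an empty SESSION_KEY, since `os.Getenv` returns "" when the variable is unset and the store is then created with an empty key. SameSite=Strict is defence in depth: browsers that ignore the attribute get no protection from it, so any existing CSRF checks on state-changing handlers should stay. Code outside this hunk that replaces a session's Options wholesale would also drop the setting for that session, which cannot be confirmed from here.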