Revert cookie flag from strict to lax mode otherwise oauth2 won't work

2018-09-09 14:25:56 -07:00 · 2018-09-09 14:25:56 -07:00 · c1e1506720
commit c1e1506720
parent 46932c91a6
3 changed files with 5 additions and 5 deletions
--- a/http/cookie/cookie.go
+++ b/http/cookie/cookie.go
@ -27,7 +27,7 @@ func New(name, value string, isHTTPS bool, path string) *http.Cookie {
 		Secure:   isHTTPS,
 		HttpOnly: true,
 		Expires:  time.Now().Add(cookieDuration * 24 * time.Hour),
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteLaxMode,
 	}
 }
@ -41,7 +41,7 @@ func Expired(name string, isHTTPS bool, path string) *http.Cookie {
 		HttpOnly: true,
 		MaxAge:   -1,
 		Expires:  time.Date(1970, 1, 1, 0, 0, 0, 0, time.UTC),
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteLaxMode,
 	}
 }
--- a/model/app_session.go
+++ b/model/app_session.go
@ -23,8 +23,8 @@ type SessionData struct {
 }
 func (s SessionData) String() string {
-	return fmt.Sprintf(`CSRF=%q, "OAuth2State=%q, FlashMsg=%q, FlashErrorMsg=%q, Lang=%q, Theme=%q`,
+	return fmt.Sprintf(`CSRF=%q, OAuth2State=%q, FlashMsg=%q, FlashErrMsg=%q, Lang=%q, Theme=%q, PocketTkn=%q`,
-		s.CSRF, s.OAuth2State, s.FlashMessage, s.FlashErrorMessage, s.Language, s.Theme)
+		s.CSRF, s.OAuth2State, s.FlashMessage, s.FlashErrorMessage, s.Language, s.Theme, s.PocketRequestToken)
 }
 // Value converts the session data to JSON.
--- a/template/engine.go
+++ b/template/engine.go
@ -36,7 +36,7 @@ func (e *Engine) parseAll() {
 	}
 }
-// Render process a template and write the ouput.
+// Render process a template.
 func (e *Engine) Render(name, language string, data interface{}) []byte {
 	tpl, ok := e.templates[name]
 	if !ok {