improvement (cookie): leverage the 'SameSite' attribute

2025-11-01 10:56:31 +08:00 · 2018-12-19 21:13:08 +11:00
parent 1d5d836caa
commit e1b0eab5e1
3 changed files with 5 additions and 2 deletions
--- a/server/ctrl/admin.go
+++ b/server/ctrl/admin.go
@ -67,6 +67,7 @@ func AdminSessionAuthenticate(ctx App, res http.ResponseWriter, req *http.Reques
 		Value:  obfuscate,
 		Path:   COOKIE_PATH_ADMIN,
 		MaxAge: 60*60, // valid for 1 hour
+		SameSite: http.SameSiteStrictMode,
 	})
 	SendSuccessResult(res, true)
 }