Blame SOURCES/0017-fix-also-add-SameSite-None-to-by-value-session-cooki.patch
|
 |
50cc55 |
From ca43d64e722f80ed91871c9ea31fbc7660aa9147 Mon Sep 17 00:00:00 2001
|
|
|
50cc55 |
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
|
|
|
50cc55 |
Date: Mon, 3 Feb 2020 10:34:10 +0100
|
|
|
50cc55 |
Subject: [PATCH 17/19] fix: also add SameSite=None to by-value session cookies
|
|
|
50cc55 |
|
|
|
50cc55 |
bump to 2.4.2rc0
|
|
|
50cc55 |
|
|
|
50cc55 |
Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
|
|
|
50cc55 |
(cherry picked from commit f6798246abc8fd8f865db313439882ac9f5771f3)
|
|
|
50cc55 |
---
|
|
|
50cc55 |
ChangeLog | 4 ++++
|
|
|
50cc55 |
src/session.c | 2 +-
|
|
|
50cc55 |
2 files changed, 5 insertions(+), 1 deletion(-)
|
|
|
50cc55 |
|
|
|
50cc55 |
diff --git a/ChangeLog b/ChangeLog
|
|
|
50cc55 |
index b67f764..3db7110 100644
|
|
|
50cc55 |
--- a/ChangeLog
|
|
|
50cc55 |
+++ b/ChangeLog
|
|
|
50cc55 |
@@ -1,3 +1,7 @@
|
|
|
50cc55 |
+02/03/2020
|
|
|
50cc55 |
+- fix: also add SameSite=None to by-value session cookies
|
|
|
50cc55 |
+- bump to 2.4.2rc0
|
|
|
50cc55 |
+
|
|
|
50cc55 |
01/29/2020
|
|
|
50cc55 |
- always add a SameSite value to the Set-Cookie header to satisfy upcoming Chrome/Firefox changes
|
|
|
50cc55 |
this can be overridden by using, e.g.:
|
|
|
50cc55 |
diff --git a/src/session.c b/src/session.c
|
|
|
50cc55 |
index cd9ccb8..e7194bd 100644
|
|
|
50cc55 |
--- a/src/session.c
|
|
|
50cc55 |
+++ b/src/session.c
|
|
|
50cc55 |
@@ -249,7 +249,7 @@ static apr_byte_t oidc_session_save_cookie(request_rec *r, oidc_session_t *z,
|
|
|
50cc55 |
(first_time ?
|
|
|
50cc55 |
OIDC_COOKIE_EXT_SAME_SITE_LAX :
|
|
|
50cc55 |
OIDC_COOKIE_EXT_SAME_SITE_STRICT) :
|
|
|
50cc55 |
- NULL);
|
|
|
50cc55 |
+ OIDC_COOKIE_EXT_SAME_SITE_NONE);
|
|
|
50cc55 |
|
|
|
50cc55 |
return TRUE;
|
|
|
50cc55 |
}
|
|
|
50cc55 |
--
|
|
|
50cc55 |
2.26.2
|
|
|
50cc55 |
|