From 5fa68417d372e5353ebe61f89df3695fe5ab6d62 Mon Sep 17 00:00:00 2001
From: knanao
Date: Thu, 16 Feb 2023 10:43:09 +0900
Subject: [PATCH] Update Lax to Strict for SameSite cookies
---
 pkg/app/server/httpapi/auth_handler.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/pkg/app/server/httpapi/auth_handler.go b/pkg/app/server/httpapi/auth_handler.go
index 34fd584371..34823be36a 100644
--- a/pkg/app/server/httpapi/auth_handler.go
+++ b/pkg/app/server/httpapi/auth_handler.go
@@ -146,7 +146,7 @@ func makeTokenCookie(value string, secure bool) *http.Cookie {
 Path: rootPath,
 Secure: secure,
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteStrictMode,
 }
 }
@@ -158,7 +158,7 @@ func makeExpiredTokenCookie(secure bool) *http.Cookie {
 Path: rootPath,
 Secure: secure,
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteStrictMode,
 }
 }
@@ -170,7 +170,7 @@ func makeStateCookie(value string, secure bool) *http.Cookie {
 Path: rootPath,
 Secure: secure,
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteStrictMode,
 }
 }
@@ -182,7 +182,7 @@ func makeExpiredStateCookie(secure bool) *http.Cookie {
 Path: rootPath,
 Secure: secure,
 HttpOnly: true,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteStrictMode,
 }
 }
@@ -194,6 +194,6 @@ func makeErrorCookie(value string, secure bool) *http.Cookie {
 Path: rootPath,
 Secure: secure,
 HttpOnly: false,
- SameSite: http.SameSiteLaxMode,
+ SameSite: http.SameSiteStrictMode,
 }
 }
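Review bot: The SameSite mode is now written out separately in five cookie constructors (makeTokenCookie here, plus makeExpiredTokenCookie, makeStateCookie, makeExpiredStateCookie and makeErrorCookie), so the next policy change must touch all five and one can be missed. A package-level `const cookieSameSite = http.SameSiteStrictMode` referenced from each literal would keep them in step. Its doc comment is also the place to record the trade-off of Strict on the token cookie: the browser withholds it on top-level navigations that start on another site, so a link into the console from chat or email arrives without a session on the first request. Whether the web client recovers from that is not visible here, and each function body begins outside its hunk.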
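Review bot: With `SameSite: http.SameSiteStrictMode` on the state cookie in makeStateCookie, the browser can withhold the cookie on the request that returns from the identity provider, because that navigation is initiated from another site. The handler that reads the cookie is outside this diff, but if it compares the cookie with the `state` parameter on the callback, sign-ins that pass through the provider's login or consent page would fail that check. Keeping `SameSite: http.SameSiteLaxMode` for the state cookie only (and for its expiry twin in makeExpiredStateCookie) preserves the CSRF binding of the login flow while the token cookie stays Strict. A handler test that replays the callback without the state cookie would show how the failure surfaces to the user.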
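Review bot: makeErrorCookie is the only constructor in this file section with `HttpOnly: false`, and nothing next to it records why or what may be stored in it. Presumably the web client reads the value to show a login error; if so, a comment such as `// Readable by page script so the UI can display the error; must never carry tokens or provider responses verbatim.` would make the constraint explicit for whoever next changes the callers. The function body begins outside the hunk, so the value's origin cannot be checked from here.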