Updated cookie to ensure SameSite is set as Strict #627 (#635)

Fixes #627 .
kiwix · Jul 11, 2020 · 638728a · 638728a
1 parent bc82070
commit 638728a
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/www/js/lib/settingsStore.js b/www/js/lib/settingsStore.js
@@ -62,10 +62,10 @@ define([], function () {
       localStorageTest = false;
     }
     // Now test for document.cookie API support
-    document.cookie = 'tempKiwixCookieTest=working;expires=Fri, 31 Dec 9999 23:59:59 GMT';
+    document.cookie = 'tempKiwixCookieTest=working; expires=Fri, 31 Dec 9999 23:59:59 GMT; SameSite=Strict';
     var kiwixCookieTest = /tempKiwixCookieTest=working/.test(document.cookie);
     // Remove test value by expiring the key
-    document.cookie = 'tempKiwixCookieTest=;expires=Thu, 01 Jan 1970 00:00:00 GMT';
+    document.cookie = 'tempKiwixCookieTest=; expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=Strict';
     if (kiwixCookieTest) type = 'cookie';
     // Prefer localStorage if supported due to some platforms removing cookies once the session ends in some contexts
     if (localStorageTest) type = 'local_storage';
@@ -167,4 +167,4 @@ define([], function () {
     hasItem: settingsStore.hasItem,
     getBestAvailableStorageAPI: getBestAvailableStorageAPI
   };
-});
+});