fix(server): update comments for host & cookies

lakhansamani · lakhansamani · commit f5323e0eecff · 2022-09-28T10:36:56.000+05:30
diff --git a/server/cookie/cookie.go b/server/cookie/cookie.go
@@ -30,6 +30,8 @@ func SetSession(gc *gin.Context, sessionID string) {
 	}
 
 	// Use sameSite = lax by default
+	// Since app cookie can come from cross site it becomes important to set this in lax mode.
+	// Example person using custom UI on their app domain and making request to authorizer domain.
 	// For more information check:
 	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
 	// https://github.com/gin-gonic/gin/blob/master/context.go#L86
diff --git a/server/parsers/url.go b/server/parsers/url.go
@@ -11,8 +11,8 @@ import (
 )
 
 // GetHost returns hostname from request context
-// if X-Authorizer-URL header is set it is given highest priority
-// if EnvKeyAuthorizerURL is set it is given second highest priority.
+// if EnvKeyAuthorizerURL is set it is given highest priority.
+// if X-Authorizer-URL header is set it is given second highest priority
 // if above 2 are not set the requesting host name is used
 func GetHost(c *gin.Context) string {
 	authorizerURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL)

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,8 @@ func SetSession(gc *gin.Context, sessionID string) {`
`30`	`30`	`}`
`31`	`31`
`32`	`32`	`// Use sameSite = lax by default`
	`33`	`+ // Since app cookie can come from cross site it becomes important to set this in lax mode.`
	`34`	`+ // Example person using custom UI on their app domain and making request to authorizer domain.`
`33`	`35`	`// For more information check:`
`34`	`36`	`// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite`
`35`	`37`	`// https://github.com/gin-gonic/gin/blob/master/context.go#L86`