lines changed Expand file tree Collapse file tree 1 file changed +11
-0
lines changed Original file line number Diff line number Diff line change @@ -89,6 +89,8 @@ type Options struct {
8989 Secure bool
9090 // Cookie life time. Default is 0.
9191 CookieLifeTime int
92+ // Cookie SameSite default is false (Lax), can be set to true (Strict)
93+ CookieSameSite bool
9294 // Cookie domain name. Default is empty.
9395 Domain string
9496 // Session ID length. Default is 16.
@@ -130,6 +132,9 @@ func prepareOptions(options []Options) Options {
130132 if ! opt .Secure {
131133 opt .Secure = sec .Key ("SECURE" ).MustBool ()
132134 }
135+ if ! opt .CookieSameSite {
136+ opt .CookieSameSite = sec .Key ("COOKIE_SAME_SITE" ).MustBool ()
137+ }
133138 if opt .CookieLifeTime == 0 {
134139 opt .CookieLifeTime = sec .Key ("COOKIE_LIFE_TIME" ).MustInt ()
135140 }
@@ -292,13 +297,19 @@ func (m *Manager) Start(ctx *macaron.Context) (RawStore, error) {
292297 return nil , err
293298 }
294299
300+ sameSite := http .SameSiteLaxMode
301+ if m .opt .CookieSameSite {
302+ sameSite = http .SameSiteStrictMode
303+ }
304+
295305 cookie := & http.Cookie {
296306 Name : m .opt .CookieName ,
297307 Value : sid ,
298308 Path : m .opt .CookiePath ,
299309 HttpOnly : true ,
300310 Secure : m .opt .Secure ,
301311 Domain : m .opt .Domain ,
312+ SameSite : sameSite ,
302313 }
303314 if m .opt .CookieLifeTime >= 0 {
304315 cookie .MaxAge = m .opt .CookieLifeTime
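Review bot: Modelling `CookieSameSite` as a bool lets Start emit only Lax or Strict, so after this change every session cookie carries an explicit SameSite attribute where it previously carried none, and a deployment that needs `SameSite=None` together with `Secure` (an embedded or cross-site sign-in flow, say) has no way to configure it. Taking the mode directly, `CookieSameSite http.SameSite` in Options and `SameSite: m.opt.CookieSameSite` in the cookie literal, with an unset value mapped to Lax, would keep the safer default and still cover every mode. The commit touches only the cookie built in Start; if another function in this file re-issues the session cookie (on ID regeneration, for example), it should set the same attribute, otherwise the re-issued cookie silently loses Strict. Start's body continues past the end of the hunk.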