Only use SameSite=None on Secure site
This fixes logging in when developing on newer versions of Chrome.
This commit is contained in:
parent
2903c86875
commit
4565c6dd90
|
@ -40,7 +40,9 @@ func (app *App) InitSession() {
|
|||
MaxAge: sessionLength,
|
||||
HttpOnly: true,
|
||||
Secure: strings.HasPrefix(app.cfg.App.Host, "https://"),
|
||||
SameSite: http.SameSiteNoneMode,
|
||||
}
|
||||
if store.Options.Secure {
|
||||
store.Options.SameSite = http.SameSiteNoneMode
|
||||
}
|
||||
app.sessionStore = store
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue