Only use SameSite=None on Secure site
This fixes logging in when developing on newer versions of Chrome.
This commit is contained in:
parent
2903c86875
commit
4565c6dd90
|
@ -40,7 +40,9 @@ func (app *App) InitSession() {
|
||||||
MaxAge: sessionLength,
|
MaxAge: sessionLength,
|
||||||
HttpOnly: true,
|
HttpOnly: true,
|
||||||
Secure: strings.HasPrefix(app.cfg.App.Host, "https://"),
|
Secure: strings.HasPrefix(app.cfg.App.Host, "https://"),
|
||||||
SameSite: http.SameSiteNoneMode,
|
}
|
||||||
|
if store.Options.Secure {
|
||||||
|
store.Options.SameSite = http.SameSiteNoneMode
|
||||||
}
|
}
|
||||||
app.sessionStore = store
|
app.sessionStore = store
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue