Use SameSite=Strict for session cookie

2024-04-07 21:38:10 -06:00 · 2024-04-07 21:38:10 -06:00 · 961c60a183
commit 961c60a183
parent fed06cd155
1 changed files with 1 additions and 0 deletions
--- a/app/src/main/kotlin/com/wbrawner/twigs/server/Application.kt
+++ b/app/src/main/kotlin/com/wbrawner/twigs/server/Application.kt
@ -208,6 +208,7 @@ fun Application.moduleWithDependencies(
            }
            cookie.httpOnly = true
            cookie.secure = true
            cookie.extensions["SameSite"] = "Strict"
        }
    }
    install(ContentNegotiation) {