-rw-r--r--pkg/web/cookie/cookie_test.go8
-rw-r--r--pkg/web/cookie/new.go2
2 files changed, 6 insertions, 4 deletions
diff --git a/pkg/web/cookie/cookie_test.go b/pkg/web/cookie/cookie_test.go
index 9ac1817..f7f013d 100644
--- a/pkg/web/cookie/cookie_test.go
+++ b/pkg/web/cookie/cookie_test.go
@@ -1,6 +1,7 @@
package cookie
import (
+ "net/http"
"testing"
"time"
@@ -13,9 +14,10 @@ func TestCookie(t *testing.T) {
t.Run("returns a cookie pinned to the HOST", func(t *testing.T) {
env.With(env.Vars{"HOST": "sparkle.example.com"}, func() {
cookie := New("name", "value", time.Now().Add(1*time.Minute))
- assert.Equal(t, cookie.Domain, "sparkle.example.com")
- assert.Equal(t, cookie.HttpOnly, true)
- assert.Equal(t, cookie.Secure, true)
+ assert.Equal(t, "sparkle.example.com", cookie.Domain)
+ assert.Equal(t, true, cookie.HttpOnly)
+ assert.Equal(t, true, cookie.Secure)
+ assert.Equal(t, http.SameSiteStrictMode, cookie.SameSite)
})
})
})
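Review bot: The only subtest shown runs with HOST set, so nothing visible here checks what New returns when HOST is absent and `env.Fetch("HOST", "localhost")` falls back to its default. A second subtest for the unset case, asserting `assert.Equal(t, "localhost", cookie.Domain)` alongside the same HttpOnly, Secure and SameSite checks, would keep the security attributes pinned on both paths. Path and Expires are set or passed through by New but are not asserted in this hunk either. TestCookie starts before the hunk, so other subtests may already cover some of this.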
diff --git a/pkg/web/cookie/new.go b/pkg/web/cookie/new.go
index 335b305..d4d0700 100644
--- a/pkg/web/cookie/new.go
+++ b/pkg/web/cookie/new.go
@@ -16,7 +16,7 @@ func New(name, value string, expires time.Time) *http.Cookie {
Path: "/",
HttpOnly: true,
Secure: true,
- SameSite: http.SameSiteDefaultMode,
+ SameSite: http.SameSiteStrictMode,
Domain: env.Fetch("HOST", "localhost"),
}
}
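Review bot: Setting `Domain` to the HOST value does not pin the cookie to that host, because a cookie that carries a Domain attribute is also sent to every subdomain of that name, while a cookie without one is host-only. `SameSite: http.SameSiteStrictMode` does not narrow this, since subdomains of the same registrable domain count as same-site. If host-only scope is what the test name "pinned to the HOST" intends, drop the `Domain` field and document it with `// Domain is left empty so the browser stores a host-only cookie.` Separately, Strict cookies are not sent on top-level navigations arriving from another site, so any caller of New whose cookie must survive a redirect back from an external login or payment page would need Lax; callers are not visible here. New's body starts before the hunk.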