actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2024-11-23 15:51:06 +01:00
Code Issues Releases Wiki Activity

set same-site attribute when clearing session cookie (#284)

Browse Source 
fixes #282
This commit is contained in:
Rob Ede 2022-09-11 21:11:33 +01:00 committed by GitHub
parent 9a3b410409
commit eb3660a772
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
actix-session/CHANGES.md
View File

@ -1,8 +1,11 @@
# Changes
## Unreleased - 2021-xx-xx
- Set SameSite attribute when adding a session removal cookie. [#284]
- Minimum supported Rust version (MSRV) is now 1.59 due to transitive `time` dependency.
[#284]: https://github.com/actix/actix-extras/pull/284
## 0.7.1 - 2022-07-24
- Fix interaction between session state changes and renewal. [#265]

3
actix-session/src/middleware.rs
View File

@ -444,7 +444,8 @@ fn delete_session_cookie(
) -> Result<(), anyhow::Error> {
let removal_cookie = Cookie::build(config.name.clone(), "")
.path(config.path.clone())
.http_only(config.http_only);
.http_only(config.http_only)
.same_site(config.same_site);
let mut removal_cookie = if let Some(ref domain) = config.domain {
removal_cookie.domain(domain)