Skip to content

Commit b750b31

Browse files
DaniilDemdandemchenko
andauthored
fix(incompatible): improve incompatible cookie security (#66)
Co-authored-by: dandemchenko <dandemchenko@yandex-team.ru>
1 parent 2b1c7b0 commit b750b31

1 file changed

Lines changed: 2 additions & 1 deletion

File tree

  • src/plugins/incompatible-warning

src/plugins/incompatible-warning/index.ts

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -277,7 +277,8 @@ function getInlineScript(): string {
277277
278278
if (button) {
279279
button.addEventListener('click', function() {
280-
document.cookie = '${INCOMPATIBLE_COOKIE}=1; max-age=${INCOMPATIBLE_COOKIE_EXPIRED}; path=/';
280+
var secure = location.protocol === 'https:' ? '; Secure' : '';
281+
document.cookie = '${INCOMPATIBLE_COOKIE}=1; max-age=${INCOMPATIBLE_COOKIE_EXPIRED}; path=/; SameSite=Lax' + secure;
281282
window.location.reload();
282283
});
283284
}

0 commit comments

Comments
 (0)