WebServerSession "samesite=none ; secure" together

manatlan · Oct 14, 2024 · 3b76865 · 3b76865
1 parent 30317a6
commit 3b76865
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/htagweb/runners.py b/htagweb/runners.py
@@ -69,9 +69,9 @@ async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
         else:
             uid = str(uuid.uuid4())
 
-        security_flags = "httponly; samesite=none"
+        security_flags = "httponly"
         if connection.headers.get("X-Forwarded-Proto") == "https":  # Secure flag can be used with HTTPS only
-            security_flags += "; secure"
+            security_flags += "; samesite=none ; secure"            
 
         #!!!!!!!!!!!!!!!!!!!!!!!!!!!
         scope["uid"]     = uid