Set SameSite=None on session cookie

4 years ago · 424bd55816
parent 3e282e4c85
commit 424bd55816
1 changed files with 1 additions and 0 deletions
--- a/session.go
+++ b/session.go
@ -40,6 +40,7 @@ func (app *App) InitSession() {
 		MaxAge:   sessionLength,
 		HttpOnly: true,
 		Secure:   strings.HasPrefix(app.cfg.App.Host, "https://"),
+		SameSite: http.SameSiteNoneMode,
 	}
 	app.sessionStore = store
 }