Project

General

Profile

Defect #35226 » 35226-v2.patch

Go MAEDA, 2021-05-13 08:28

View differences:

app/controllers/account_controller.rb
404 404
      :value => token,
405 405
      :expires => 1.year.from_now,
406 406
      :path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'),
407
      :same_site => :lax,
407 408
      :secure => secure,
408 409
      :httponly => true
409 410
    }
config/application.rb
79 79
    config.session_store(
80 80
      :cookie_store,
81 81
      :key => '_redmine_session',
82
      :path => config.relative_url_root || '/'
82
      :path => config.relative_url_root || '/',
83
      :same_site => :lax
83 84
    )
84 85

  
85 86
    if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb'))
public/javascripts/application.js
1033 1033

  
1034 1034
  $('#history .tabs').on('click', 'a', function(e){
1035 1035
    var tab = $(e.target).attr('id').replace('tab-','');
1036
    document.cookie = 'history_last_tab=' + tab
1036
    document.cookie = 'history_last_tab=' + tab + '; SameSite=Lax'
1037 1037
  });
1038 1038
});
1039 1039

  
(2-2/2)