set samesite to strict
This commit is contained in:
parent
4c3f4d719f
commit
fa8d7b4223
4 changed files with 4 additions and 3 deletions
|
@ -24,7 +24,7 @@ export async function POST({ request, cookies }) {
|
||||||
|
|
||||||
const session = await createSession(user.id);
|
const session = await createSession(user.id);
|
||||||
|
|
||||||
cookies.set(COOKIE, session.id, { path: '/' });
|
cookies.set(COOKIE, session.id, { path: '/', sameSite: 'strict' });
|
||||||
|
|
||||||
return json(
|
return json(
|
||||||
{
|
{
|
||||||
|
|
|
@ -19,7 +19,7 @@ export async function POST({ request, cookies }) {
|
||||||
const user = await createUser(username, email, password);
|
const user = await createUser(username, email, password);
|
||||||
const session = await createSession(user.id);
|
const session = await createSession(user.id);
|
||||||
|
|
||||||
cookies.set(COOKIE, session.id, { path: '/' });
|
cookies.set(COOKIE, session.id, { path: '/', sameSite: 'strict' });
|
||||||
|
|
||||||
return json(
|
return json(
|
||||||
{
|
{
|
||||||
|
|
|
@ -4,7 +4,8 @@ import { vitePreprocess } from '@sveltejs/vite-plugin-svelte';
|
||||||
/** @type {import('@sveltejs/kit').Config} */
|
/** @type {import('@sveltejs/kit').Config} */
|
||||||
const config = {
|
const config = {
|
||||||
kit: {
|
kit: {
|
||||||
adapter: adapter()
|
adapter: adapter(),
|
||||||
|
csrf: { checkOrigin: false }
|
||||||
},
|
},
|
||||||
preprocess: vitePreprocess()
|
preprocess: vitePreprocess()
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue