diff options
| -rw-r--r-- | http.c | 13 |
1 files changed, 7 insertions, 6 deletions
@@ -2533,15 +2533,16 @@ char *http_cookie_create(const char *const key, const char *const value) struct dynstr d; dynstr_init(&d); - dynstr_append_or_ret_null(&d, "%s=%s; HttpOnly", key, value); - if (append_expire(&d)) - { - dynstr_free(&d); - return NULL; - } + if (dynstr_append(&d, "%s=%s; HttpOnly; SameSite=Strict", key, value) + || append_expire(&d)) + goto failure; return d.str; + +failure: + dynstr_free(&d); + return NULL; } int http_update(struct http_ctx *const h, bool *const write, bool *const close) |