fix: use SameSite=Lax for session cookie

gw2auth · Jan 27, 2024 · 7703f5a · 7703f5a
1 parent 89b46d9
commit 7703f5a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/web/middleware.go b/web/middleware.go
@@ -113,7 +113,7 @@ func AuthenticatedMiddleware(conv *service.SessionJwtConverter) echo.MiddlewareF
 			Expires:  exp,
 			Secure:   cookie.Secure || isSecure(c),
 			HttpOnly: true,
-			SameSite: http.SameSiteStrictMode,
+			SameSite: http.SameSiteLaxMode,
 		}
 		c.SetCookie(cookie)
 	}