Patch by Go MAEDA. git-svn-id: http://svn.redmine.org/redmine/trunk@21009 e93f8b46-1217-0410-a6f0-8f06a7374b81tags/5.0.0
@@ -404,6 +404,7 @@ class AccountController < ApplicationController | |||
:value => token, | |||
:expires => 1.year.from_now, | |||
:path => (Redmine::Configuration['autologin_cookie_path'] || RedmineApp::Application.config.relative_url_root || '/'), | |||
:same_site => :lax, | |||
:secure => secure, | |||
:httponly => true | |||
} |
@@ -79,7 +79,8 @@ module RedmineApp | |||
config.session_store( | |||
:cookie_store, | |||
:key => '_redmine_session', | |||
:path => config.relative_url_root || '/' | |||
:path => config.relative_url_root || '/', | |||
:same_site => :lax | |||
) | |||
if File.exists?(File.join(File.dirname(__FILE__), 'additional_environment.rb')) |
@@ -1033,7 +1033,7 @@ $(document).ready(function(){ | |||
$('#history .tabs').on('click', 'a', function(e){ | |||
var tab = $(e.target).attr('id').replace('tab-',''); | |||
document.cookie = 'history_last_tab=' + tab | |||
document.cookie = 'history_last_tab=' + tab + '; SameSite=Lax' | |||
}); | |||
}); | |||