feat: add secure and samesite policy for sid

This commit is contained in:
Oliver Booth 2024-02-25 16:00:15 +00:00
parent 2431eda6f5
commit 8f96251f94
Signed by: oliverbooth
GPG Key ID: E60B570D1B7557B5

View File

@ -98,7 +98,12 @@ internal sealed class SessionService : BackgroundService, ISessionService
IPAddress? remoteIpAddress = response.HttpContext.Connection.RemoteIpAddress; IPAddress? remoteIpAddress = response.HttpContext.Connection.RemoteIpAddress;
_logger.LogDebug("Writing cookie 'sid' to HTTP response for {RemoteAddr}", remoteIpAddress); _logger.LogDebug("Writing cookie 'sid' to HTTP response for {RemoteAddr}", remoteIpAddress);
response.Cookies.Append("sid", Convert.ToBase64String(buffer), new CookieOptions { Expires = DateTimeOffset.UtcNow + TimeSpan.FromDays(30) }); response.Cookies.Append("sid", Convert.ToBase64String(buffer), new CookieOptions
{
Expires = DateTimeOffset.UtcNow + TimeSpan.FromDays(30),
Secure = true,
SameSite = SameSiteMode.Strict
});
} }
/// <inheritdoc /> /// <inheritdoc />