diff options
author | Thomas Steur <tsteur@users.noreply.github.com> | 2020-01-29 03:54:07 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-01-29 03:54:07 +0300 |
commit | 162513d7608a43d53f178f744543e30dafc15f9b (patch) | |
tree | c013754653161592ea44735ad7e81842199f6001 /libs | |
parent | bc2631cff4d12ff6af6d3a2d866802aa3cc4ed19 (diff) |
Use SameSite none for session token when embedded into iframe (#15439)
Diffstat (limited to 'libs')
-rw-r--r-- | libs/Zend/Session.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libs/Zend/Session.php b/libs/Zend/Session.php index 793f76b8ed..3f21dcd9e6 100644 --- a/libs/Zend/Session.php +++ b/libs/Zend/Session.php @@ -341,7 +341,7 @@ class Zend_Session extends Zend_Session_Abstract } if (stripos($cookieHeader, 'SameSite') === false) { - $cookieHeader .= '; SameSite=Lax'; + $cookieHeader .= '; SameSite=' . \Piwik\Session::getSameSiteCookieValue(); header($cookieHeader); } } @@ -798,7 +798,7 @@ class Zend_Session extends Zend_Session_Abstract $cookie_params['domain'], $cookie_params['secure'], false, - 'lax' + \Piwik\Session::getSameSiteCookieValue() ); } } |