mirror of
https://github.com/Radarr/Radarr.git
synced 2024-10-26 22:52:40 +02:00
Fixed: Set SameSite=Strict for SonarrAuth cookie
(cherry picked from commit 675c72f02e7565a937b40c23ec27df6d86f95dc3)
This commit is contained in:
parent
5d5e66f0d7
commit
fc12770495
@ -4,7 +4,6 @@
|
|||||||
using Nancy.Authentication.Basic;
|
using Nancy.Authentication.Basic;
|
||||||
using Nancy.Authentication.Forms;
|
using Nancy.Authentication.Forms;
|
||||||
using Nancy.Bootstrapper;
|
using Nancy.Bootstrapper;
|
||||||
using Nancy.Cookies;
|
|
||||||
using Nancy.Cryptography;
|
using Nancy.Cryptography;
|
||||||
using NzbDrone.Common.Extensions;
|
using NzbDrone.Common.Extensions;
|
||||||
using NzbDrone.Core.Authentication;
|
using NzbDrone.Core.Authentication;
|
||||||
@ -117,7 +116,7 @@ private void SlidingAuthenticationForFormsAuth(NancyContext context)
|
|||||||
|
|
||||||
if (FormsAuthentication.DecryptAndValidateAuthenticationCookie(formsAuthCookieValue, _formsAuthConfig).IsNotNullOrWhiteSpace())
|
if (FormsAuthentication.DecryptAndValidateAuthenticationCookie(formsAuthCookieValue, _formsAuthConfig).IsNotNullOrWhiteSpace())
|
||||||
{
|
{
|
||||||
var formsAuthCookie = new NancyCookie(formsAuthCookieName, formsAuthCookieValue, true, false, DateTime.UtcNow.AddDays(7))
|
var formsAuthCookie = new RadarrNancyCookie(formsAuthCookieName, formsAuthCookieValue, true, false, DateTime.UtcNow.AddDays(7))
|
||||||
{
|
{
|
||||||
Path = GetCookiePath()
|
Path = GetCookiePath()
|
||||||
};
|
};
|
||||||
|
38
src/Radarr.Http/Authentication/RadarrNancyCookie.cs
Normal file
38
src/Radarr.Http/Authentication/RadarrNancyCookie.cs
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
using System;
|
||||||
|
using Nancy.Cookies;
|
||||||
|
|
||||||
|
namespace Radarr.Http.Authentication
|
||||||
|
{
|
||||||
|
public class RadarrNancyCookie : NancyCookie
|
||||||
|
{
|
||||||
|
public RadarrNancyCookie(string name, string value)
|
||||||
|
: base(name, value)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public RadarrNancyCookie(string name, string value, DateTime expires)
|
||||||
|
: base(name, value, expires)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public RadarrNancyCookie(string name, string value, bool httpOnly)
|
||||||
|
: base(name, value, httpOnly)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public RadarrNancyCookie(string name, string value, bool httpOnly, bool secure)
|
||||||
|
: base(name, value, httpOnly, secure)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public RadarrNancyCookie(string name, string value, bool httpOnly, bool secure, DateTime? expires)
|
||||||
|
: base(name, value, httpOnly, secure, expires)
|
||||||
|
{
|
||||||
|
}
|
||||||
|
|
||||||
|
public override string ToString()
|
||||||
|
{
|
||||||
|
return base.ToString() + "; SameSite=Strict";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user