set sameSite attributes to none

nokazn · Feb 10, 2021 · 8b9dac0 · 8b9dac0
1 parent a68bc1f
commit 8b9dac0
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 1 deletion.
diff --git a/instagram-auth/functions/index.js b/instagram-auth/functions/index.js
@@ -64,6 +64,7 @@ exports.redirect = functions.https.onRequest((req, res) => {
       maxAge: 3600000,
       secure: true,
       httpOnly: true,
+      sameSite: 'none',
     });
     const redirectUri = oauth2.authorizationCode.authorizeURL({
       redirect_uri: OAUTH_REDIRECT_URI,

diff --git a/linkedin-auth/functions/index.js b/linkedin-auth/functions/index.js
@@ -56,6 +56,7 @@ exports.redirect = functions.https.onRequest((req, res) => {
       maxAge: 3600000,
       secure: true,
       httpOnly: true,
+      sameSite: 'none',
     });
     Linkedin.auth.authorize(res, OAUTH_SCOPES, state.toString());
   });

diff --git a/spotify-auth/functions/index.js b/spotify-auth/functions/index.js
@@ -48,7 +48,7 @@ exports.redirect = functions.https.onRequest((req, res) => {
   cookieParser()(req, res, () => {
     const state = req.cookies.state || crypto.randomBytes(20).toString('hex');
     console.log('Setting verification state:', state);
-    res.cookie('state', state.toString(), {maxAge: 3600000, secure: true, httpOnly: true});
+    res.cookie('state', state.toString(), {maxAge: 3600000, secure: true, httpOnly: true, sameSite: 'none'});
     const authorizeURL = Spotify.createAuthorizeURL(OAUTH_SCOPES, state.toString());
     res.redirect(authorizeURL);
   });