sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions

feat: fallback to SameSite Lax mode if cookie is not secure (#1105)

Browse source 
Also, will allow to set cookie `SameSite` mode on command line or
environment. Note that `None` mode will be forced to ``Lax`` if
cookie is set to not be secure.

Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
This commit is contained in:
Valentin Lab 2025-09-13 18:56:54 +08:00 committed by GitHub
parent 401e18f29f
commit 29ae2a4b87
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 94 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/docs/CHANGELOG.md
View file

@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
<!-- This changes the project to: -->
- Add `COOKIE_SAME_SITE_MODE` to force anubis cookies SameSite value, and downgrade automatically from `None` to `Lax` if cookie is insecure.
- Fix lock convoy problem in decaymap ([#1103](https://github.com/TecharoHQ/anubis/issues/1103)).
- Fix lock convoy problem in bbolt by implementing the actor pattern ([#1103](https://github.com/TecharoHQ/anubis/issues/1103)).
- Document missing environment variables in installation guide: `SLOG_LEVEL`, `COOKIE_PREFIX`, `FORCED_LANGUAGE`, and `TARGET_DISABLE_KEEPALIVE` ([#1086](https://github.com/TecharoHQ/anubis/pull/1086)).