From d66321fe4ed35864e86bb7ebdc9f0e49b25631d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vin=C3=ADcio=20Augusto?= Date: Mon, 5 Oct 2020 11:39:20 -0300 Subject: [PATCH] session: adds CookieSameSite config to hooks.go#registerSession --- config.go | 7 +++++-- hooks.go | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/config.go b/config.go index 0c995293..bd5bf2a1 100644 --- a/config.go +++ b/config.go @@ -15,13 +15,14 @@ package beego import ( + "crypto/tls" "fmt" + "net/http" "os" "path/filepath" "reflect" "runtime" "strings" - "crypto/tls" "github.com/astaxie/beego/config" "github.com/astaxie/beego/context" @@ -108,6 +109,7 @@ type SessionConfig struct { SessionEnableSidInHTTPHeader bool // enable store/get the sessionId into/from http headers SessionNameInHTTPHeader string SessionEnableSidInURLQuery bool // enable get the sessionId from Url Query params + SessionCookieSameSite http.SameSite } // LogConfig holds Log related config @@ -153,7 +155,7 @@ func init() { } appConfigPath = filepath.Join(WorkPath, "conf", filename) if configPath := os.Getenv("BEEGO_CONFIG_PATH"); configPath != "" { - appConfigPath = configPath + appConfigPath = configPath } if !utils.FileExists(appConfigPath) { appConfigPath = filepath.Join(AppPath, "conf", filename) @@ -267,6 +269,7 @@ func newBConfig() *Config { SessionEnableSidInHTTPHeader: false, // enable store/get the sessionId into/from http headers SessionNameInHTTPHeader: "Beegosessionid", SessionEnableSidInURLQuery: false, // enable get the sessionId from Url Query params + SessionCookieSameSite: http.SameSiteDefaultMode, }, }, Log: LogConfig{ diff --git a/hooks.go b/hooks.go index 49c42d5a..0a51e0da 100644 --- a/hooks.go +++ b/hooks.go @@ -61,6 +61,7 @@ func registerSession() error { conf.EnableSidInHTTPHeader = BConfig.WebConfig.Session.SessionEnableSidInHTTPHeader conf.SessionNameInHTTPHeader = BConfig.WebConfig.Session.SessionNameInHTTPHeader conf.EnableSidInURLQuery = BConfig.WebConfig.Session.SessionEnableSidInURLQuery + conf.CookieSameSite = BConfig.WebConfig.Session.SessionCookieSameSite } else { if err = json.Unmarshal([]byte(sessionConfig), conf); err != nil { return err