diff options
Diffstat (limited to '')
-rw-r--r-- | app.js | 2 | ||||
-rw-r--r-- | app.json | 4 |
2 files changed, 5 insertions, 1 deletions
@@ -147,7 +147,7 @@ app.use(session({ rolling: true, // reset maxAge on every response cookie: { maxAge: config.sessionLife, - sameSite: 'lax', + sameSite: config.cookiePolicy, // be careful: setting a SameSite value of none without https breaks the editor secure: config.useSSL || config.protocolUseSSL || false }, store: sessionStore @@ -56,6 +56,10 @@ "description": "set to use ssl protocol for resources path (only applied when domain is set)", "required": false }, + "CMD_COOKIE_POLICY": { + "description": "Set whether cookies should be sent cross-origin (SameSite value)", + "required": false + }, "CMD_URL_ADDPORT": { "description": "set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set)", "required": false |