summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/config/default.js1
-rw-r--r--lib/config/environment.js1
-rw-r--r--lib/config/index.js5
-rw-r--r--lib/web/auth/oauth2/index.js3
-rw-r--r--lib/web/note/util.js3
-rw-r--r--lib/web/statusRouter.js3
6 files changed, 13 insertions, 3 deletions
diff --git a/lib/config/default.js b/lib/config/default.js
index 9284882a..38bb164b 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -27,6 +27,7 @@ module.exports = {
upgradeInsecureRequests: 'auto',
reportURI: undefined
},
+ cookiePolicy: 'lax',
protocolUseSSL: false,
useCDN: false,
allowAnonymous: true,
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 2d76286f..cf9fb5a1 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -22,6 +22,7 @@ module.exports = {
enable: toBooleanConfig(process.env.CMD_CSP_ENABLE),
reportURI: process.env.CMD_CSP_REPORTURI
},
+ cookiePolicy: process.env.CMD_COOKIE_POLICY,
protocolUseSSL: toBooleanConfig(process.env.CMD_PROTOCOL_USESSL),
allowOrigin: toArrayConfig(process.env.CMD_ALLOW_ORIGIN),
useCDN: toBooleanConfig(process.env.CMD_USECDN),
diff --git a/lib/config/index.js b/lib/config/index.js
index ee4817b3..b5461a8d 100644
--- a/lib/config/index.js
+++ b/lib/config/index.js
@@ -51,6 +51,11 @@ if (['debug', 'verbose', 'info', 'warn', 'error'].includes(config.loglevel)) {
logger.error('Selected loglevel %s doesn\'t exist, using default level \'debug\'. Available options: debug, verbose, info, warn, error', config.loglevel)
}
+if (!['strict', 'lax', 'none'].includes(config.cookiePolicy)) {
+ logger.error('Cookie SameSite policy %s does not exist. Falling back to lax. Available values are: strict, lax, none.', config.cookiePolicy)
+ config.cookiePolicy = 'lax'
+}
+
// load LDAP CA
if (config.ldap.tlsca) {
let ca = config.ldap.tlsca.split(',')
diff --git a/lib/web/auth/oauth2/index.js b/lib/web/auth/oauth2/index.js
index 1865ad54..6e3e8373 100644
--- a/lib/web/auth/oauth2/index.js
+++ b/lib/web/auth/oauth2/index.js
@@ -90,7 +90,8 @@ passport.use(new OAuth2CustomStrategy({
clientSecret: config.oauth2.clientSecret,
callbackURL: config.serverURL + '/auth/oauth2/callback',
userProfileURL: config.oauth2.userProfileURL,
- scope: config.oauth2.scope
+ scope: config.oauth2.scope,
+ state: true
}, passportGeneralCallback))
oauth2Auth.get('/auth/oauth2', function (req, res, next) {
diff --git a/lib/web/note/util.js b/lib/web/note/util.js
index f1af1300..9c6c1c8a 100644
--- a/lib/web/note/util.js
+++ b/lib/web/note/util.js
@@ -59,7 +59,8 @@ exports.newNote = function (req, res, body) {
models.Note.create({
ownerId: owner,
alias: req.alias ? req.alias : null,
- content: body
+ content: body,
+ title: models.Note.parseNoteTitle(body)
}).then(function (note) {
return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
}).catch(function (err) {
diff --git a/lib/web/statusRouter.js b/lib/web/statusRouter.js
index 025aafd4..febe2df3 100644
--- a/lib/web/statusRouter.js
+++ b/lib/web/statusRouter.js
@@ -97,7 +97,8 @@ statusRouter.get('/config', function (req, res) {
version: config.fullversion,
DROPBOX_APP_KEY: config.dropbox.appKey,
allowedUploadMimeTypes: config.allowedUploadMimeTypes,
- linkifyHeaderStyle: config.linkifyHeaderStyle
+ linkifyHeaderStyle: config.linkifyHeaderStyle,
+ cookiePolicy: config.cookiePolicy
}
res.set({
'Cache-Control': 'private', // only cache by client
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 23:55:40 +0000