From f22f0150e8523ece2692ff681d7c4bd8868e4950 Mon Sep 17 00:00:00 2001
From: eikek
Date: Sun, 27 Feb 2022 22:57:31 +0100
Subject: [PATCH] Set samesite=strict for all cookies
---
 .../src/main/scala/docspell/restserver/auth/CookieData.scala | 3 ++-
 .../scala/docspell/restserver/auth/RememberCookieData.scala | 3 ++-
 .../main/scala/docspell/restserver/auth/ShareCookieData.scala | 3 ++-
 3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/modules/restserver/src/main/scala/docspell/restserver/auth/CookieData.scala b/modules/restserver/src/main/scala/docspell/restserver/auth/CookieData.scala
index 03d5cffa..531ed9bf 100644
--- a/modules/restserver/src/main/scala/docspell/restserver/auth/CookieData.scala
+++ b/modules/restserver/src/main/scala/docspell/restserver/auth/CookieData.scala
@@ -26,7 +26,8 @@ case class CookieData(auth: AuthToken) {
 domain = None,
 path = Some(path.asString),
 httpOnly = true,
- secure = sec
+ secure = sec,
+ sameSite = Some(SameSite.Strict)
 )
 }
diff --git a/modules/restserver/src/main/scala/docspell/restserver/auth/RememberCookieData.scala b/modules/restserver/src/main/scala/docspell/restserver/auth/RememberCookieData.scala
index 65b4ed9b..b8d2dee1 100644
--- a/modules/restserver/src/main/scala/docspell/restserver/auth/RememberCookieData.scala
+++ b/modules/restserver/src/main/scala/docspell/restserver/auth/RememberCookieData.scala
@@ -24,7 +24,8 @@ case class RememberCookieData(token: RememberToken) {
 path = Some(path.asString),
 httpOnly = true,
 secure = sec,
- maxAge = Some(config.valid.seconds)
+ maxAge = Some(config.valid.seconds),
+ sameSite = Some(SameSite.Strict)
 )
 }
diff --git a/modules/restserver/src/main/scala/docspell/restserver/auth/ShareCookieData.scala b/modules/restserver/src/main/scala/docspell/restserver/auth/ShareCookieData.scala
index 0c3b0bdf..beedc54e 100644
--- a/modules/restserver/src/main/scala/docspell/restserver/auth/ShareCookieData.scala
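Review bot: `sameSite = Some(SameSite.Strict)` in the CookieData hunk is a site-level control, not an origin-level one, so it should be documented as defence in depth rather than as the CSRF protection for this session cookie: requests from other hosts under the same registrable domain still carry it. I would add a comment on the argument, e.g. `// Strict: withheld on all cross-site requests; sibling subdomains are same-site, so this does not replace server-side CSRF checks`. The same three attributes (`httpOnly`, `secure`, `sameSite`) are now repeated in the RememberCookieData and ShareCookieData hunks as well; one shared helper would keep the policy in a single place, and a test asserting `SameSite=Strict` in the rendered header would guard it (the diffstat lists no test file). The enclosing method begins outside the hunk.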
+++ b/modules/restserver/src/main/scala/docspell/restserver/auth/ShareCookieData.scala
@@ -26,7 +26,8 @@ final case class ShareCookieData(token: ShareToken) {
 httpOnly = true,
 secure = sec,
 maxAge = None,
- expires = None
+ expires = None,
+ sameSite = Some(SameSite.Strict)
 )
 }
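Review bot: With `sameSite = Some(SameSite.Strict)` the share cookie is also withheld on a top-level navigation that starts on another site, which is how share links normally arrive (mail, chat, a link on another page). From the hunk I cannot see how share resources are requested, so this is a question rather than a finding: if any share URL is meant to be opened directly with only the cookie as credential, it will now arrive unauthenticated on the first request. If that is intended, a comment such as `// Strict: not sent when a share resource is opened from an external link` would record it. The enclosing method starts outside the hunk.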