Diplomarbeit-Absolventenverein/oqtane.framework
6
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

Update cookie options to set SameSite, HttpOnly, Secure settings

Browse Source
This commit is contained in:
Cody
2024-10-05 13:23:09 -07:00
committed by GitHub
parent e526deac20
commit bd2153a0ed
1 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Oqtane.Client/Themes/Controls/Theme/LanguageSwitcher.razor
View File

@ -54,7 +54,16 @@
if (_supportedCultures.Any(item => item.Name == culture))
{
var localizationCookieValue = CookieRequestCultureProvider.MakeCookieValue(new RequestCulture(culture));
HttpContext.Response.Cookies.Append(CookieRequestCultureProvider.DefaultCookieName, localizationCookieValue, new CookieOptions { Path = "/", Expires = DateTimeOffset.UtcNow.AddYears(365) });
HttpContext.Response.Cookies.Append(CookieRequestCultureProvider.DefaultCookieName, localizationCookieValue, new CookieOptions
{
Path = "/",
Expires = DateTimeOffset.UtcNow.AddYears(365),
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax, // Set SameSite attribute
Secure = true, // Ensure the cookie is only sent over HTTPS
HttpOnly = true // Optional: Helps mitigate XSS attacks
});
}
NavigationManager.NavigateTo(NavigationManager.Uri.Replace($"?culture={culture}", ""), true);
}
@ -66,7 +75,7 @@
{
var localizationCookieValue = CookieRequestCultureProvider.MakeCookieValue(new RequestCulture(culture));
var interop = new Interop(JSRuntime);
await interop.SetCookie(CookieRequestCultureProvider.DefaultCookieName, localizationCookieValue, 360);
await interop.SetCookie(CookieRequestCultureProvider.DefaultCookieName, localizationCookieValue, 360, true, true, "Lax");
NavigationManager.NavigateTo(NavigationManager.Uri, true);
}
}