Mark javascript issued cookies with SameSite=Lax

[rails.git] / app / assets / javascripts / index.js

diff --git a/app/assets/javascripts/index.js b/app/assets/javascripts/index.js
index 9305a541595e321cdae3a2040f5b3f29902b17b2..f0b96f59fa95d28aa273d8f0362ae290bdfa565d 100644 (file)
--- a/app/assets/javascripts/index.js
+++ b/app/assets/javascripts/index.js
@@ -188,8 +188,7 @@ $(document).ready(function () {
       map.getLayersCode(),
       map._object);
 
-    Cookies.remove("_osm_location");
-    Cookies.set("_osm_location", OSM.locationCookie(map), { secure: true, expires: expiry, path: "/" });
+    Cookies.set("_osm_location", OSM.locationCookie(map), { secure: true, expires: expiry, path: "/", samesite: "lax" });
   });
 
   if (Cookies.get("_osm_welcome") !== "hide") {
@@ -198,7 +197,7 @@ $(document).ready(function () {
 
   $(".welcome .close").on("click", function () {
     $(".welcome").removeClass("visible");
-    Cookies.set("_osm_welcome", "hide", { secure: true, expires: expiry, path: "/" });
+    Cookies.set("_osm_welcome", "hide", { secure: true, expires: expiry, path: "/", samesite: "lax" });
   });
 
   var bannerExpiry = new Date();
@@ -209,7 +208,7 @@ $(document).ready(function () {
     $("#banner").hide();
     e.preventDefault();
     if (cookieId) {
-      Cookies.set(cookieId, "hide", { secure: true, expires: bannerExpiry, path: "/" });
+      Cookies.set(cookieId, "hide", { secure: true, expires: bannerExpiry, path: "/", samesite: "lax" });
     }
   });