From 0811608a33f8d80e13d4ca57b7ec28ec45cddab5 Mon Sep 17 00:00:00 2001 From: clagio Date: Sat, 18 Jan 2020 12:34:16 +1200 Subject: [PATCH 1/2] Added support for SameSite=None --- ngx_http_cookie_flag_filter_module.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ngx_http_cookie_flag_filter_module.c b/ngx_http_cookie_flag_filter_module.c index b0316aa..692b3bd 100644 --- a/ngx_http_cookie_flag_filter_module.c +++ b/ngx_http_cookie_flag_filter_module.c @@ -11,6 +11,7 @@ typedef struct { ngx_flag_t secure; ngx_flag_t samesite; ngx_flag_t samesite_lax; + ngx_flag_t samesite_none; ngx_flag_t samesite_strict; } ngx_http_cookie_t; @@ -164,6 +165,7 @@ ngx_http_cookie_flag_filter_cmd(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) cookie->secure = 0; cookie->samesite = 0; cookie->samesite_lax = 0; + cookie->samesite_none = 0; cookie->samesite_strict = 0; // normalize and check 2nd and 3rd parameters @@ -176,6 +178,8 @@ ngx_http_cookie_flag_filter_cmd(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) cookie->samesite = 1; } else if (ngx_strncasecmp(value[i].data, (u_char *) "samesite=lax", 12) == 0 && value[i].len == 12) { cookie->samesite_lax = 1; + } else if (ngx_strncasecmp(value[i].data, (u_char *) "samesite=none", 13) == 0 && value[i].len == 13) { + cookie->samesite_none = 1; } else if (ngx_strncasecmp(value[i].data, (u_char *) "samesite=strict", 15) == 0 && value[i].len == 15) { cookie->samesite_strict = 1; } else { @@ -277,6 +281,16 @@ ngx_http_cookie_flag_filter_append(ngx_http_request_t *r, ngx_http_cookie_t *coo header->value.len = tmp.len; } + if (cookie->samesite_none == 1 && ngx_strcasestrn(header->value.data, "; SameSite=None", 15 - 1) == NULL) { + tmp.data = ngx_pnalloc(r->pool, header->value.len + sizeof("; SameSite=None") - 1); + if (tmp.data == NULL) { + return NGX_ERROR; + } + tmp.len = ngx_sprintf(tmp.data, "%V; SameSite=None", &header->value) - tmp.data; + header->value.data = tmp.data; + header->value.len = tmp.len; + } + if (cookie->samesite_strict == 1 && ngx_strcasestrn(header->value.data, "; SameSite=Strict", 17 - 1) == NULL) { tmp.data = ngx_pnalloc(r->pool, header->value.len + sizeof("; SameSite=Strict") - 1); if (tmp.data == NULL) { @@ -365,3 +379,4 @@ ngx_http_cookie_flag_filter_handler(ngx_http_request_t *r) return ngx_http_next_header_filter(r); } + From 9a7761a9aa78c6b90b25beb0f6e80467c8821572 Mon Sep 17 00:00:00 2001 From: clagio Date: Fri, 24 Jan 2020 15:15:00 +1300 Subject: [PATCH 2/2] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e8e71fc..1c646ad 100644 --- a/README.md +++ b/README.md @@ -52,11 +52,11 @@ It is possible to set a default value using symbol "*". In this case flags will -| - --- | --- -**Syntax** | **set_cookie_flag** \ [HttpOnly] [secure] [SameSite\|SameSite=[Lax\|Strict]]; +**Syntax** | **set_cookie_flag** \ [HttpOnly] [secure] [SameSite\|SameSite=[Lax\|Strict\|None]]; **Default** | - **Context** | server, location Description: Add flag to desired cookie. ## Author -Anton Saraykin [] \ No newline at end of file +Anton Saraykin []