setting the SameSite cookie policy to lax fixes the issue
This commit is contained in:
Joe Ardent
parent
e18d38c76e
commit
a0959cd10a
2 changed files with 7 additions and 0 deletions
|
|
@ -19,6 +19,12 @@ inserted in the initial get of `/`, or a message indicating failure. To see it s
|
|||
|
||||
and follow the buttons starting from http://localhost:4000/ again to the end.
|
||||
|
||||
## UPDATE!
|
||||
|
||||
The issue I was having, where an inbound request would cause the cookie to not be read until
|
||||
manually triggering a load, was due to the default setting of the `SameSite` cookie policy to
|
||||
"strict". Setting it to "lax" fixes the problem. See https://web.dev/articles/samesite-cookies-explained
|
||||
|
||||
# Why is it called "princess"?
|
||||
|
||||
Because it's the baby version of [Queenie](https://git.kittenclause.com/nebkor/queen), a small
|
||||
|
|
|
|||
|
|
@ -21,6 +21,7 @@ async fn main() {
|
|||
let session_store = MemoryStore::default();
|
||||
let session_layer = SessionManagerLayer::new(session_store)
|
||||
.with_secure(false)
|
||||
.with_same_site(tower_sessions::cookie::SameSite::Lax)
|
||||
.with_expiry(Expiry::OnInactivity(time::Duration::hours(2)));
|
||||
|
||||
let app = Router::new()
|
||||
|
|
|
|||
Loading…
Reference in a new issue