setting the SameSite cookie policy to lax fixes the issue
This commit is contained in:
parent
e18d38c76e
commit
a0959cd10a
2 changed files with 7 additions and 0 deletions
|
@ -19,6 +19,12 @@ inserted in the initial get of `/`, or a message indicating failure. To see it s
|
||||||
|
|
||||||
and follow the buttons starting from http://localhost:4000/ again to the end.
|
and follow the buttons starting from http://localhost:4000/ again to the end.
|
||||||
|
|
||||||
|
## UPDATE!
|
||||||
|
|
||||||
|
The issue I was having, where an inbound request would cause the cookie to not be read until
|
||||||
|
manually triggering a load, was due to the default setting of the `SameSite` cookie policy to
|
||||||
|
"strict". Setting it to "lax" fixes the problem. See https://web.dev/articles/samesite-cookies-explained
|
||||||
|
|
||||||
# Why is it called "princess"?
|
# Why is it called "princess"?
|
||||||
|
|
||||||
Because it's the baby version of [Queenie](https://git.kittenclause.com/nebkor/queen), a small
|
Because it's the baby version of [Queenie](https://git.kittenclause.com/nebkor/queen), a small
|
||||||
|
|
|
@ -21,6 +21,7 @@ async fn main() {
|
||||||
let session_store = MemoryStore::default();
|
let session_store = MemoryStore::default();
|
||||||
let session_layer = SessionManagerLayer::new(session_store)
|
let session_layer = SessionManagerLayer::new(session_store)
|
||||||
.with_secure(false)
|
.with_secure(false)
|
||||||
|
.with_same_site(tower_sessions::cookie::SameSite::Lax)
|
||||||
.with_expiry(Expiry::OnInactivity(time::Duration::hours(2)));
|
.with_expiry(Expiry::OnInactivity(time::Duration::hours(2)));
|
||||||
|
|
||||||
let app = Router::new()
|
let app = Router::new()
|
||||||
|
|
Loading…
Reference in a new issue