fix: use the base_url as a domain when creating a session cookie if a cookie domain is empty
This commit is contained in:
parent
3855ea9fa7
commit
8edd0ef07a
|
@ -2162,13 +2162,18 @@ void Request::AddCookie(
|
||||||
|
|
||||||
void Request::AddDefaultSessionCookie(const std::wstring & value, pt::Date * expires)
|
void Request::AddDefaultSessionCookie(const std::wstring & value, pt::Date * expires)
|
||||||
{
|
{
|
||||||
|
std::wstring * domain = &config->session_cookie_domain;
|
||||||
|
|
||||||
|
if( domain->empty() )
|
||||||
|
domain = &config->base_url;
|
||||||
|
|
||||||
AddCookie(
|
AddCookie(
|
||||||
config->session_cookie_name,
|
config->session_cookie_name,
|
||||||
&value,
|
&value,
|
||||||
nullptr,
|
nullptr,
|
||||||
expires,
|
expires,
|
||||||
&config->session_cookie_path,
|
&config->session_cookie_path,
|
||||||
&config->session_cookie_domain,
|
domain,
|
||||||
static_cast<CookieSameSite>(config->session_cookie_same_site),
|
static_cast<CookieSameSite>(config->session_cookie_same_site),
|
||||||
config->session_cookie_http_only,
|
config->session_cookie_http_only,
|
||||||
config->session_cookie_secure
|
config->session_cookie_secure
|
||||||
|
|
Loading…
Reference in New Issue