From ad3a466a61ddeab48062eeaa14de8cc2533a1c9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= <fpeters@entrouvert.com>
Date: Mon, 17 Aug 2020 22:23:48 +0200
Subject: [PATCH] misc: mark gadjo_sidepage_status cookie as secure and strict
 (#45937)

---
 gadjo/static/js/gadjo.js | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/gadjo/static/js/gadjo.js b/gadjo/static/js/gadjo.js
index 7d63b3e..4125ab1 100644
--- a/gadjo/static/js/gadjo.js
+++ b/gadjo/static/js/gadjo.js
@@ -310,6 +310,8 @@ var gadjo_js = gadjo_js || {};
           date.setTime(date.getTime() + (10 * 86400 * 1000)); /* a long week */
           document.cookie = 'gadjo_sidepage_status=' + sidepage_status +
                             '; expires=' + date.toGMTString() +
+                            (window.location.protocol == "https:" && "; Secure" || "") +
+                            '; sameSite=Strict' +
                             '; domain=.' + cookie_domain +
                             '; path=/';
         }