misc: mark cookies as secure & strict (#45936)

static/js/cookie_usage_consent.js

@@ -49,7 +49,10 @@ function close_banner() {
 }
 
 function ga_refuse() {
-    document.cookie = 'hasConsent=false'+ get_expiration() + path + domain;
+    document.cookie = 'hasConsent=false'+ get_expiration() +
+                (window.location.protocol == "https:" && "; Secure" || "") +
+                '; sameSite=Strict' +
+                path + domain;
     var banner = document.getElementById('consent_banner');
     banner.innerHTML='Vous vous êtes opposé au dépôt de cookies de mesures \
 d\'audience dans votre navigateur.';
@@ -67,7 +70,11 @@ function consent_banner() {
     banner.innerHTML = content;
     body.insertBefore(banner, body.firstChild);
     /* no action is accepting */
-    document.cookie = 'hasConsent=true'+ get_expiration() + path + domain;
+    document.cookie = 'hasConsent=true'+
+                get_expiration() +
+                (window.location.protocol == "https:" && "; Secure" || "") +
+                '; sameSite=Strict' +
+                path + domain;
 }
 
 if (navigator.doNotTrack != '1') {

static/portal-agent/js/publik.js

@@ -176,9 +176,13 @@ $(function() {
   document.cookie = 'publik_portal_agent_url=' +
           encodeURIComponent(PUBLIK_PORTAL_AGENT_URL) +
           '; expires=' + date.toGMTString() +
+          (window.location.protocol == "https:" && "; Secure" || "") +
+          '; sameSite=Strict' +
           '; domain=.' + cookie_domain + '; path=/';
   document.cookie = 'publik_portal_agent_title=' +
           encodeURIComponent(PUBLIK_PORTAL_AGENT_TITLE) +
           '; expires=' + date.toGMTString() +
+          (window.location.protocol == "https:" && "; Secure" || "") +
+          '; sameSite=Strict' +
           '; domain=.' + cookie_domain + '; path=/';
 });