From dca012f0b72b094dcdb5b5136cb05a279164086f Mon Sep 17 00:00:00 2001
From: Adam Williams <lol768@users.noreply.github.com>
Date: Fri, 20 Oct 2017 15:31:46 +0100
Subject: [PATCH] Use SameSite=strict cookies consistently (#1450)

---
 src/HTTPSock.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/HTTPSock.cpp b/src/HTTPSock.cpp
index a85d3517..f9361d82 100644
--- a/src/HTTPSock.cpp
+++ b/src/HTTPSock.cpp
@@ -743,7 +743,7 @@ bool CHTTPSock::PrintHeader(off_t uContentLength, const CString& sContentType,
     for (const auto& it : m_msResponseCookies) {
         Write("Set-Cookie: " + it.first.Escape_n(CString::EURL) + "=" +
               it.second.Escape_n(CString::EURL) + "; HttpOnly; path=/;" +
-              (GetSSL() ? "Secure;" : "") + "\r\n");
+              (GetSSL() ? "Secure;" : "") + " SameSite=Strict;\r\n");
     }
 
     for (const auto& it : m_msHeaders) {