From 0fbfe5160af67440c495ee1589b435a82e136e10 Mon Sep 17 00:00:00 2001
From: jcardus <joaquim.cardeira@gmail.com>
Date: Sat, 5 Sep 2020 23:28:13 +0100
Subject: Chrome Cross-Site Cookie (#4572)

Chrome samesite cookie problem

Co-authored-by: jcardus <joaquim.cardeira@inosat.pt>
---
 src/main/java/org/traccar/web/WebServer.java | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src/main/java/org/traccar/web')

diff --git a/src/main/java/org/traccar/web/WebServer.java b/src/main/java/org/traccar/web/WebServer.java
index 7f0ec53b6..3f2a24815 100644
--- a/src/main/java/org/traccar/web/WebServer.java
+++ b/src/main/java/org/traccar/web/WebServer.java
@@ -167,6 +167,11 @@ public class WebServer {
                 SecurityRequestFilter.class, CorsResponseFilter.class, DateParameterConverterProvider.class);
         resourceConfig.packages(ServerResource.class.getPackage().getName());
         servletHandler.addServlet(new ServletHolder(new ServletContainer(resourceConfig)), "/api/*");
+
+        if (config.getBoolean(Keys.WEB_SAME_SITE_COOKIE_NONE)) {
+            servletHandler.getServletContext().getSessionCookieConfig().setSecure(true);
+            servletHandler.getServletContext().getSessionCookieConfig().setComment("__SAME_SITE_NONE__");
+        }
     }
 
     public void start() {
-- 
cgit v1.2.3