Skip to content
This repository was archived by the owner on Jun 2, 2023. It is now read-only.

Update module gorilla/sessions to v1 #120

Merged
merged 1 commit into from
Jul 1, 2019
Merged

Update module gorilla/sessions to v1 #120

merged 1 commit into from
Jul 1, 2019

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Jun 30, 2019

This PR contains the following updates:

Package Type Update Change
github.com/gorilla/sessions require major v0.0.0-20180115173807-fe21b6a095cd -> v1.1.3

Release Notes

gorilla/sessions

v1.1.3

Compare Source

This release fixes an oversight in how cookie options were copied internally, impacting SameSite cookie settings.

CHANGELOG

v1.1.2

Compare Source

gorilla/sessions now supports the SameSite cookie attribute added in Go 1.11.

Cookies with this set (in Strict mode, preferably) are only sent on requests originating from the same origin at as the cookie domain, rather than for all requests to that domain no matter the origin.

You can set SameSite on a session by setting session.Options.SameSite to a valid value:

func MyHandler(w http.ResponseWriter, r *http.Request) {
	session, err := store.Get(r, "session-name")
	if err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	// Set the SameSite mode via one of the typed constants described
	// at https://golang.org/pkg/net/http/#SameSite
	session.Options = &sessions.Options{SameSite: http.SameSiteStrictMode}

	if err := session.Save(r, w); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}
}

You can read more about the SameSite attribute on Mozilla's blog, or inthe RFC itself.

CHANGELOG

Renovate configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or if you modify the PR title to begin with "rebase!".

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot. View repository job log here.

@jirfag jirfag merged commit 52c86ec into master Jul 1, 2019
@jirfag jirfag deleted the renovate/git.colasdn.top-gorilla-sessions-1.x branch July 1, 2019 06:58
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jirfag @renovate-bot