From 8c68ee450eaf4df385533d397ce1ce8342a4ed19 Mon Sep 17 00:00:00 2001
From: Dessalines
Date: Tue, 27 Aug 2024 15:31:31 -0400
Subject: [PATCH] Changing sameSite cookie from Strict to Lax. (#2677)
- Fixes #2666
- Fixes #2601
---
 src/shared/utils/browser/clear-auth-cookie.ts | 2 +-
 src/shared/utils/browser/set-auth-cookie.ts | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/shared/utils/browser/clear-auth-cookie.ts b/src/shared/utils/browser/clear-auth-cookie.ts
index f5cc73f1..cb297daf 100644
--- a/src/shared/utils/browser/clear-auth-cookie.ts
+++ b/src/shared/utils/browser/clear-auth-cookie.ts
@@ -4,7 +4,7 @@ import { authCookieName } from "../../config";
 export default function clearAuthCookie() {
 document.cookie = cookie.serialize(authCookieName, "", {
 maxAge: -1,
- sameSite: true,
+ sameSite: "lax",
 path: "/",
 });
 }
diff --git a/src/shared/utils/browser/set-auth-cookie.ts b/src/shared/utils/browser/set-auth-cookie.ts
index e7d4300c..26fffa52 100644
--- a/src/shared/utils/browser/set-auth-cookie.ts
+++ b/src/shared/utils/browser/set-auth-cookie.ts
@@ -6,7 +6,7 @@ export default function setAuthCookie(jwt: string) {
 document.cookie = cookie.serialize(authCookieName, jwt, {
 maxAge: 365 * 24 * 60 * 60 * 1000,
 secure: isHttps(),
- sameSite: true,
+ sameSite: "lax",
 path: "/",
 });
 }
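Review bot: clearAuthCookie carries no comment saying that its attributes must track the ones used in set-auth-cookie.ts, and this commit had to edit both files by hand to keep them aligned. An expiring write only replaces the stored cookie when its name and `path` match the cookie that was set (SameSite plays no part in that match), so a later drift in `path` would leave the JWT in the browser after logout. I would add above the `cookie.serialize` call: `// name and path must match setAuthCookie, or the browser keeps the auth cookie after logout`.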
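Review bot: The switch to `sameSite: "lax"` in setAuthCookie is not documented in the code, although it means the JWT cookie now accompanies top-level cross-site GET navigations. That is safe only while no cookie-authenticated GET route changes state, which cannot be confirmed from this hunk. I would add a comment on the option, e.g. `// Lax: sent on cross-site top-level GET navigation; state-changing routes must not be GET`. Separately, if `cookie` here is the npm `cookie` package, its `maxAge` is in seconds, so the context line `maxAge: 365 * 24 * 60 * 60 * 1000,` requests roughly a thousand years rather than one; `maxAge: 365 * 24 * 60 * 60,` would match the apparent intent.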