Add sameSite + secure Cookie settings for endpoint.ex to Documentation
boonpflug opened this issue · 1 comments
Hey, great project, thanks for creating it.
I noticed that when I tried to run Shopifex with ngrok or lynk using HTTPS, my redirects wouldn't work with persisted session storage (flash etc. was lost between redirects).
It seems this is caused by the default SameSite and Secure settings of the Phoenix endpoint, which don't play along with the iframe and redirects.
I changed my endpoint.ex to this:
```elixir
@session_options [
  store: :cookie,
  key: "_my_app_key",
  signing_salt: "Es1PzgRs",
  secure: true,
  extra: "SameSite=None"
]
```
which solved the problem. Maybe think about adding this to the documentation?
@boonpflug I have been adding those properties to all my apps 🤦 I should have added this to the docs a long time ago. Thanks for bringing this up!
You will find a number of changes to the README which you may want to take advantage of in your new app.
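One way to confirm the setting discussed in this issue took effect is to audit the `Set-Cookie` header the endpoint actually returns. The following is an added example, not code from the issue or from Shopifex; the `CookieAudit` module and the sample header values are constructed for illustration.

```elixir
# Added example: checks one Set-Cookie header value for the attributes a
# session cookie needs when the app is embedded in a cross-site iframe.
# CookieAudit is a hypothetical helper, not part of Phoenix, Plug or Shopifex.
defmodule CookieAudit do
  # Returns :ok, or {:error, reasons} listing every attribute problem found.
  def check(set_cookie) do
    [_name_value | attrs] = String.split(set_cookie, ";")

    # Attribute names are case-insensitive, so normalise them before lookup.
    attrs =
      Map.new(attrs, fn attr ->
        case String.split(String.trim(attr), "=", parts: 2) do
          [k, v] -> {String.downcase(k), String.downcase(v)}
          [k] -> {String.downcase(k), true}
        end
      end)

    same_site = Map.get(attrs, "samesite")
    secure? = Map.has_key?(attrs, "secure")

    reasons =
      []
      |> add(same_site != "none",
        "SameSite is #{inspect(same_site)}, not None: Lax/Strict (or a Lax default) withholds the cookie inside a cross-site iframe")
      |> add(same_site == "none" and not secure?,
        "SameSite=None without Secure: browsers that enforce this pairing reject the cookie")

    if reasons == [], do: :ok, else: {:error, reasons}
  end

  defp add(reasons, true, msg), do: reasons ++ [msg]
  defp add(reasons, false, _msg), do: reasons
end

# Constructed sample headers (cookie values are placeholders).
headers = [
  "_my_app_key=CONSTRUCTED; path=/; secure; HttpOnly; SameSite=None",
  "_my_app_key=CONSTRUCTED; path=/; HttpOnly",
  "_my_app_key=CONSTRUCTED; path=/; HttpOnly; SameSite=None"
]

for header <- headers do
  IO.inspect(CookieAudit.check(header), label: header)
end
```

Because `SameSite=None` removes the browser's cross-site restriction on the session cookie, state-changing routes should keep their CSRF token checks enabled.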