diff --git a/docs/docs/how-to/oauth.md b/docs/docs/how-to/oauth.md index da9ad9f65ee9..f1b6965e580e 100644 --- a/docs/docs/how-to/oauth.md +++ b/docs/docs/how-to/oauth.md @@ -636,7 +636,7 @@ const secureCookie = (user) => { `Expires=${expires.toUTCString()}`, 'HttpOnly=true', 'Path=/', - 'SameSite=Strict', + 'SameSite=Lax', `Secure=${process.env.NODE_ENV !== 'development'}`, ] const data = JSON.stringify({ id: user.id }) @@ -731,7 +731,7 @@ const secureCookie = (user) => { `Expires=${expires.toUTCString()}`, 'HttpOnly=true', 'Path=/', - 'SameSite=Strict', + 'SameSite=Lax', `Secure=${process.env.NODE_ENV !== 'development'}`, ] const data = JSON.stringify({ id: user.id }) diff --git a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js index e7b0fbd6adaf..a9d5e2852a9c 100644 --- a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js +++ b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.fetch.test.js @@ -2580,7 +2580,7 @@ describe('dbAuth', () => { expect(attributes.length).toEqual(6) expect(attributes[0]).toEqual('Path=/') expect(attributes[1]).toEqual('HttpOnly') - expect(attributes[2]).toEqual('SameSite=Strict') + expect(attributes[2]).toEqual('SameSite=Lax') expect(attributes[3]).toEqual('Secure') expect(attributes[4]).toEqual('Domain=example.com') expect(attributes[5]).toMatch(`Expires=`) diff --git a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js index 5319c96215fa..7803350afcda 100644 --- a/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js +++ b/packages/auth-providers/dbAuth/api/src/__tests__/DbAuthHandler.test.js @@ -2380,7 +2380,7 @@ describe('dbAuth', () => { expect(attributes.length).toEqual(6) expect(attributes[0]).toEqual('Path=/') expect(attributes[1]).toEqual('HttpOnly') - expect(attributes[2]).toEqual('SameSite=Strict') + expect(attributes[2]).toEqual('SameSite=Lax') expect(attributes[3]).toEqual('Secure') expect(attributes[4]).toEqual('Domain=example.com') expect(attributes[5]).toMatch(`Expires=`)