Remove SameSite=None restrictions for Rack 2.1.0

Also bump Rails' now required Rack 2.1.0 version.

Remove SameSite=None restrictions for Rack 2.1.0
Also bump Rails' now required Rack 2.1.0 version.
28f81c05 · Kasper Timm Hansen · a0569ff8 · 28f81c05 · 28f81c05
Showing with 1 addition and 2 deletion

actionpack/lib/action_dispatch/middleware/cookies.rb actionpack/lib/action_dispatch/middleware/cookies.rb +0 -1

actionpack/test/dispatch/cookies_test.rb actionpack/test/dispatch/cookies_test.rb +1 -1

未找到文件。
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -440,7 +440,6 @@ def handle_options(options)

          options[:path]      ||= "/"
          options[:same_site] ||= request.cookies_same_site_protection
-          options[:same_site] = false if options[:same_site] == :none # TODO: Remove when rack 2.1.0 is out.

          if options[:domain] == :all || options[:domain] == "all"
            # If there is a provided tld length then we use it otherwise default domain regexp.

--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -366,7 +366,7 @@ def test_setting_cookie_with_no_protection
    @request.env["action_dispatch.cookies_same_site_protection"] = :none

    get :authenticate
-    assert_cookie_header "user_name=david; path=/" # TODO: append "; SameSite=None" when rack 2.1.0 is out and bump rack dependency version.
+    assert_cookie_header "user_name=david; path=/; SameSite=None"
    assert_equal({ "user_name" => "david" }, @response.cookies)
  end