prebid#5011 Fix to set Secure attribute on cookie when SameSite=none

InteractiveAdvertisingBureau · Apr 1, 2020 · d5600c0 · d5600c0
1 parent 5af6c64
commit d5600c0
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/storageManager.js b/src/storageManager.js
@@ -64,7 +64,9 @@ export function newStorageManager({gvlid, moduleName, moduleType} = {}) {
  if (result && result.valid) {
  const domainPortion = (domain && domain !== '') ? ` ;domain=${encodeURIComponent(domain)}` : '';
  const expiresPortion = (expires && expires !== '') ? ` ;expires=${expires}` : '';
- document.cookie = `${key}=${encodeURIComponent(value)}${expiresPortion}; path=/${domainPortion}${sameSite ? `; SameSite=${sameSite}` : ''}`;
+ var isNone = (sameSite != null && sameSite.toLowerCase() == 'none')
+ var secure = (isNone) ? '; Secure' : '';
+ document.cookie = `${key}=${encodeURIComponent(value)}${expiresPortion}; path=/${domainPortion}${sameSite ? `; SameSite=${sameSite}` : ''}${secure}`;
  }
  }
  if (done && typeof done === 'function') {