zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix cookie sameSite attribute (#443)

Browse Source 
* fix: set i18n cookie SameSite=lax to survive cross-domain redirects

The i18n language cookie was being reset to default after Supabase
email verification redirects because the cookie was using the default
SameSite=strict setting which doesn't survive cross-domain navigation.

Changes:
- Set cookieOptions.sameSite to 'lax' to allow cookie to persist through
  cross-domain redirects (like Supabase auth flows)
- Set secure flag dynamically based on HTTPS protocol
- Set cookie path to '/' for site-wide availability
- Set cookie expiration to 1 year
- Change detection order to prioritize cookie over htmlTag

Bumps version to 2.23.4

* fix: set theme cookie SameSite=lax to survive cross-domain redirects

Apply the same fix as the i18n cookie to the theme cookie. The theme
preference cookie was also missing SameSite=lax attribute, causing it
to potentially be lost during cross-domain authentication flows.

Changes:
- Add SameSite=lax to theme cookie
- Add Secure flag conditionally based on HTTPS protocol
- Fix typo: setCookeTheme -> setCookieTheme

* fix: correct SameSite casing and add security to sidebar cookie

- Fix SameSite value to use proper capitalization (Lax instead of lax)
  for better browser compatibility
- Add SameSite=Lax and conditional Secure flag to sidebar state cookie
- Add typeof window check for defensive programming

---------

Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Giancarlo Buomprisco
2026-01-11 15:10:49 +01:00
committed by GitHub
parent f5e6910194
commit f0baf4f348
5 changed files with 17 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@@ -1,6 +1,6 @@
{ {
"name": "next-supabase-saas-kit-turbo", "name": "next-supabase-saas-kit-turbo",
"version": "2.23.3", "version": "2.23.4",
"private": true, "private": true,
"sideEffects": false, "sideEffects": false,
"engines": { "engines": {

8
packages/i18n/src/i18n.client.ts
View File

@@ -43,9 +43,15 @@ export async function initializeI18nClient(
{ {
...settings, ...settings,
detection: { detection: {
order: ['htmlTag', 'cookie', 'navigator'], order: ['cookie', 'htmlTag', 'navigator'],
caches: ['cookie'], caches: ['cookie'],
lookupCookie: 'lang', lookupCookie: 'lang',
cookieMinutes: 60 * 24 * 365, // 1 year
cookieOptions: {
sameSite: 'lax',
secure: typeof window !== 'undefined' && window.location.protocol === 'https:',
path: '/',
},
}, },
interpolation: { interpolation: {
escapeValue: false, escapeValue: false,

3
packages/ui/src/makerkit/mobile-mode-toggle.tsx
View File

@@ -31,5 +31,6 @@ export function MobileModeToggle(props: { className?: string }) {
} }
function setCookieTheme(theme: string) { function setCookieTheme(theme: string) {
document.cookie = `theme=${theme}; path=/; max-age=31536000`; const secure = typeof window !== 'undefined' && window.location.protocol === 'https:';
document.cookie = `theme=${theme}; path=/; max-age=31536000; SameSite=Lax${secure ? '; Secure' : ''}`;
} }

9
packages/ui/src/makerkit/mode-toggle.tsx
View File

@@ -36,7 +36,7 @@ export function ModeToggle(props: { className?: string }) {
key={mode} key={mode}
onClick={() => { onClick={() => {
setTheme(mode); setTheme(mode);
setCookeTheme(mode); setCookieTheme(mode);
}} }}
> >
<Icon theme={mode} /> <Icon theme={mode} />
@@ -80,7 +80,7 @@ export function SubMenuModeToggle() {
key={mode} key={mode}
onClick={() => { onClick={() => {
setTheme(mode); setTheme(mode);
setCookeTheme(mode); setCookieTheme(mode);
}} }}
> >
<Icon theme={mode} /> <Icon theme={mode} />
@@ -125,8 +125,9 @@ export function SubMenuModeToggle() {
); );
} }
function setCookeTheme(theme: string) { function setCookieTheme(theme: string) {
document.cookie = `theme=${theme}; path=/; max-age=31536000`; const secure = typeof window !== 'undefined' && window.location.protocol === 'https:';
document.cookie = `theme=${theme}; path=/; max-age=31536000; SameSite=Lax${secure ? '; Secure' : ''}`;
} }
function Icon({ theme }: { theme: string | undefined }) { function Icon({ theme }: { theme: string | undefined }) {

3
packages/ui/src/shadcn/sidebar.tsx
View File

@@ -96,7 +96,8 @@ const SidebarProvider: React.FC<
_setOpen(value); _setOpen(value);
// This sets the cookie to keep the sidebar state. // This sets the cookie to keep the sidebar state.
document.cookie = `${SIDEBAR_COOKIE_NAME}=${open}; path=/; max-age=${SIDEBAR_COOKIE_MAX_AGE}`; const secure = typeof window !== 'undefined' && window.location.protocol === 'https:';
document.cookie = `${SIDEBAR_COOKIE_NAME}=${open}; path=/; max-age=${SIDEBAR_COOKIE_MAX_AGE}; SameSite=Lax${secure ? '; Secure' : ''}`;
}, },
[setOpenProp, open], [setOpenProp, open],
); );