diff --git a/ProcessMaker/Http/Controllers/Auth/LoginController.php b/ProcessMaker/Http/Controllers/Auth/LoginController.php
index 6be170ac5b..688522aea1 100644
--- a/ProcessMaker/Http/Controllers/Auth/LoginController.php
+++ b/ProcessMaker/Http/Controllers/Auth/LoginController.php
@@ -91,7 +91,7 @@ public function showLoginForm(Request $request)
 true,
 true,
 false,
- 'none'
+ $this->sessionSameSite()
 );
 
 // Redirect to SSO and attach the cookie
@@ -111,7 +111,7 @@ public function showLoginForm(Request $request)
 true,
 true,
 false,
- 'none'
+ $this->sessionSameSite()
 );
 $loginView = empty(config('app.login_view')) ? 'auth.login' : config('app.login_view');
 $response = response(view($loginView, compact('addons', 'block')));
@@ -358,7 +358,7 @@ public function login(Request $request, User $user)
 true,
 true,
 false,
- 'none',
+ $this->sessionSameSite(),
 );
 
 return redirect()->route('password.change');
@@ -406,4 +406,9 @@ private function setupLanguage(Request $request, User $user)
 $user->save();
 }
 }
+
+ private function sessionSameSite(): string
+ {
+ return config('session.same_site') ?: 'lax';
+ }
 }
diff --git a/ProcessMaker/Http/Controllers/TaskController.php b/ProcessMaker/Http/Controllers/TaskController.php
index 08bf2e510f..07d8d597a2 100755
--- a/ProcessMaker/Http/Controllers/TaskController.php
+++ b/ProcessMaker/Http/Controllers/TaskController.php
@@ -264,7 +264,17 @@ public function updateVariable(HttpRequest $request, $abe_uuid)
 // Review if the autentication is required
 if ($abe->require_login && Auth::user()->username === AnonymousUser::ANONYMOUS_USERNAME) {
 $request->session()->put('url.intended', url()->full());
- $cookie = cookie('processmaker_intended', url()->full(), 10, '/');
+ $cookie = cookie(
+ 'processmaker_intended',
+ url()->full(),
+ 10,
+ '/',
+ null,
+ true,
+ true,
+ false,
+ config('session.same_site') ?: 'lax'
+ );
 return redirect('login')->withCookie($cookie);
 }
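Review bot: The cookie built in the `@@ -91` hunk now takes its SameSite value from `session.same_site`, including `strict` if that is what the deployment configures, yet the context line that follows (`// Redirect to SSO and attach the cookie`) shows it is set immediately before a cross-site round trip to the identity provider; the same replacement is made in the `@@ -111` and `@@ -358` hunks. A `strict` cookie is not sent on the top-level navigation back from the IdP and a `lax` one is sent only on GET returns, so a POST-based return would arrive without it, whereas the removed `'none'` covered both (the `true` two arguments earlier presumably being the `secure` flag that `none` requires). Whether the SSO return is a GET or a POST is not visible here, so at minimum the replaced line deserves a comment such as `// SameSite from session config; 'strict', or 'lax' with a POST-based SSO return, drops this cookie on the way back from the IdP` and the deployment notes should state that the SSO flow assumes `session.same_site` is `lax` or `none`. showLoginForm starts and ends outside the hunk.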
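Review bot: `sessionSameSite()` in the `@@ -406` hunk has no docblock and, through `?:`, silently turns an explicit `null` in `session.same_site` (the value Laravel uses to emit no SameSite attribute at all) as well as `''` or `'0'` into `lax`; that choice should be stated where the helper is declared, e.g. `/** SameSite attribute for the auth cookies; a null or empty session.same_site falls back to 'lax' instead of omitting the attribute. */`. The identical expression `config('session.same_site') ?: 'lax'` is also inlined in the TaskController hunk, so the fallback already lives in two places and will drift if one is changed; a single shared accessor (a static helper or a config-level default) would keep them aligned. The class header is outside the hunk; the hunk's final context line closes the class.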