From 3b8f8f8fe4fe8e41e91ece2fa284dc940278f6af Mon Sep 17 00:00:00 2001
From: mia <mia@mia.jetzt>
Date: Fri, 19 Jul 2024 17:46:50 -0700
Subject: properly redirect successful auth requests to the target uri

---
 nginx/sync.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'nginx/sync.py')

diff --git a/nginx/sync.py b/nginx/sync.py
index 9b02c45..9d81a39 100644
--- a/nginx/sync.py
+++ b/nginx/sync.py
@@ -12,7 +12,7 @@ handoff = map(lambda line: spacing_pattern.sub(r"\1 ", line), handoff)
 handoff = "".join(handoff).replace('"', '\\"').replace("$", "${dollar}")
 
 auth_check = """if ($cookie___proxy_token = "") {
-            return 303 https://$host/.nginx/handoff.html;
+            return 303 https://$host/.nginx/handoff.html#$request_uri;
         }
         auth_request /.nginx/auth;"""
 
@@ -34,7 +34,7 @@ auth_locations = (
             }
 
             location /.nginx/cookie {
-                add_header Set-Cookie "__proxy_token=${arg_token}; max-age=${arg_max_age}; path=/; httponly; secure";
+                add_header Set-Cookie "__proxy_token=${arg_token}; max-age=${arg_max_age}; path=/; httponly; samesite=lax; secure";
                 return 200;
             }"""
 )
-- 
cgit 1.4.1