From 58e299b337304ba3749bfe51c9a5684eaeadbbf0 Mon Sep 17 00:00:00 2001
From: Greg Burri
Date: Wed, 30 Apr 2025 17:38:16 +0200
Subject: [PATCH] Set parameter `SameSite` to `Lax` for both cookies *dark_theme* and *lang*
---
 backend/src/services/ron/mod.rs | 6 ++++--
 frontend/src/lib.rs | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/backend/src/services/ron/mod.rs b/backend/src/services/ron/mod.rs
index 7654301..742b041 100644
--- a/backend/src/services/ron/mod.rs
+++ b/backend/src/services/ron/mod.rs
@@ -4,7 +4,7 @@ use axum::{
 http::{HeaderMap, StatusCode},
 response::{IntoResponse, Result},
 };
-use axum_extra::extract::cookie::{Cookie, CookieJar};
+use axum_extra::extract::cookie::{Cookie, CookieJar, SameSite};
 // use tracing::{event, Level};
 use crate::{
@@ -29,7 +29,9 @@ pub async fn set_lang(
 }
 // Always set the cookie even is the user is connected in case of disconnection.
- let cookie = Cookie::build((consts::COOKIE_LANG_NAME, ron.lang)).path("/");
+ let cookie = Cookie::build((consts::COOKIE_LANG_NAME, ron.lang))
+ .same_site(SameSite::Lax)
+ .path("/");
 jar = jar.add(cookie);
 Ok((jar, StatusCode::OK))
diff --git a/frontend/src/lib.rs b/frontend/src/lib.rs
index 63d397a..e085200 100644
--- a/frontend/src/lib.rs
+++ b/frontend/src/lib.rs
@@ -121,7 +121,7 @@ fn set_cookie_dark_theme(dark_theme: bool) {
 domain: None,
 expires: None,
 secure: false,
- same_site: wasm_cookies::SameSite::Strict,
+ same_site: wasm_cookies::SameSite::Lax,
 },
 );
 }
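Review bot: The `lang` cookie built in `set_lang` still carries no `Secure` attribute, so even with `SameSite::Lax` and `path("/")` it is sent, and can be overwritten, over plain HTTP; the same holds for `secure: false` in the `frontend/src/lib.rs` hunk. If the site is served over TLS in production, add `.secure(true)` to the builder chain. The stored value is `ron.lang`, which presumably comes from the request body, and no validation is visible in the hunk, so whatever later reads this cookie should check it against the supported languages before use. `set_lang` starts above the hunk, so such a check may already exist there.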
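Review bot: The switch from `Strict` to `Lax` in `set_cookie_dark_theme` loosens a cookie attribute without any in-code rationale, and a later reader cannot tell whether it is safe to tighten again. I would add a comment above the field such as `// Lax so the cookie accompanies top-level navigations from other sites; preference only, never used for authorization.` The first half of that comment is my inference of the motive, so adjust it to the real reason. The function body begins outside the hunk.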