From b1d64b3a597819eac0d69ecdd5a33e1fc012d544 Mon Sep 17 00:00:00 2001
From: Mikhail Shustov
Date: Mon, 4 Jan 2021 15:59:26 +0300
Subject: [PATCH] remove SameSite:None workaround (#86994)
---
 .../server/http/cookie_session_storage.ts | 21 +------------------
 1 file changed, 1 insertion(+), 20 deletions(-)
diff --git a/src/core/server/http/cookie_session_storage.ts b/src/core/server/http/cookie_session_storage.ts
index 1ff0670d78f4e..40bca89c21cb3 100644
--- a/src/core/server/http/cookie_session_storage.ts
+++ b/src/core/server/http/cookie_session_storage.ts
@@ -19,8 +19,6 @@
 import { Request, Server } from '@hapi/hapi';
 import hapiAuthCookie from '@hapi/cookie';
-// @ts-expect-error no TS definitions
-import Statehood from '@hapi/statehood';
 import { KibanaRequest, ensureRawRequest } from './router';
 import { SessionStorageFactory, SessionStorage } from './session_storage';
@@ -148,7 +146,7 @@ export async function createCookieSessionStorageFactory(
 path: basePath === undefined ? '/' : basePath,
 clearInvalid: false,
 isHttpOnly: true,
- isSameSite: cookieOptions.sameSite === 'None' ? false : cookieOptions.sameSite ?? false,
+ isSameSite: cookieOptions.sameSite ?? false,
 },
 validateFunc: async (req: Request, session: T | T[]) => {
 const result = cookieOptions.validate(session);
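Review bot: On the new `isSameSite: cookieOptions.sameSite ?? false` line, `'None'` now reaches hapi unchanged, and nothing visible in this hunk ties that value to the cookie's `isSecure` setting. Browsers that enforce the current SameSite rules discard a `SameSite=None` cookie that lacks `Secure`, so over plain HTTP the session would silently fail to persist. If that pairing is not already validated elsewhere in `createCookieSessionStorageFactory` (its body starts and ends outside the hunk), a guard before the auth strategy is registered would turn the misconfiguration into a startup error. The `?? false` fallback also deserves a comment, because it omits the attribute entirely and leaves the session cookie's cross-site behaviour to each browser's default: `// false => no SameSite attribute is sent; 'None' is only honoured by browsers together with Secure`.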
@@ -159,23 +157,6 @@ export async function createCookieSessionStorageFactory(
 },
 });
- // A hack to support SameSite: 'None'.
- // Remove it after update Hapi to v19 that supports SameSite: 'None' out of the box.
- if (cookieOptions.sameSite === 'None') {
- log.debug('Patching Statehood.prepareValue');
- const originalPrepareValue = Statehood.prepareValue;
- Statehood.prepareValue = function kibanaStatehoodPrepareValueWrapper(
- name: string,
- value: unknown,
- options: any
- ) {
- if (name === cookieOptions.name) {
- options.isSameSite = cookieOptions.sameSite;
- }
- return originalPrepareValue(name, value, options);
- };
- }
-
 return {
 asScoped(request: KibanaRequest) {
 return new ScopedCookieSessionStorage(log, server, ensureRawRequest(request));