diff --git a/client/security.coffee b/client/security.coffee
index 5d18bed..2ea4621 100644
--- a/client/security.coffee
+++ b/client/security.coffee
@@ -72,7 +72,7 @@ update_footer = (ownerName, isAuthenticated) ->
if response.ok
window.isAuthenticated = false
user = ''
- document.cookie = "state=loggedOut" + ";domain=." + settings.cookieDomain + "; path=/; max-age=60;"
+ document.cookie = "state=loggedOut" + ";domain=." + settings.cookieDomain + "; path=/; max-age=60; sameSite=Strict;"
update_footer ownerName, isAuthenticated
else
console.log 'logout failed: ', response
@@ -89,7 +89,7 @@ update_footer = (ownerName, isAuthenticated) ->
$('footer > #security > #addAltAuth').click (e) ->
e.preventDefault
- document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300;"
+ document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300; sameSite=Strict;"
w = WinChan.open({
url: settings.dialogAddAltURL
@@ -138,7 +138,7 @@ update_footer = (ownerName, isAuthenticated) ->
$('footer > #security > #show-security-dialog').click (e) ->
e.preventDefault()
- document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300;"
+ document.cookie = "wikiName=#{window.location.host}" + ";domain=.#{settings.cookieDomain}; path=/; max-age=300; sameSite=Strict;"
w = WinChan.open({
url: settings.dialogURL
diff --git a/views/done.html b/views/done.html
index c6cb0a7..44896b7 100644
--- a/views/done.html
+++ b/views/done.html
@@ -43,7 +43,7 @@