From 67bef3a692d1a8cbbaede9db3da2c131e88ec41d Mon Sep 17 00:00:00 2001
From: Quincy Morgan <quincy.morgan@icloud.com>
Date: Wed, 13 May 2020 09:37:12 -0400
Subject: [PATCH] Add `sameSite=strict` attribute to lock cookies (close #7596)

---
 modules/util/session_mutex.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/util/session_mutex.js b/modules/util/session_mutex.js
index 359e594f2..99fdc94d9 100644
--- a/modules/util/session_mutex.js
+++ b/modules/util/session_mutex.js
@@ -10,7 +10,7 @@ export function utilSessionMutex(name) {
     function renew() {
         var expires = new Date();
         expires.setSeconds(expires.getSeconds() + 5);
-        document.cookie = name + '=1; expires=' + expires.toUTCString();
+        document.cookie = name + '=1; expires=' + expires.toUTCString() + '; sameSite=strict';
     }
 
     mutex.lock = function () {
@@ -24,7 +24,7 @@ export function utilSessionMutex(name) {
 
     mutex.unlock = function () {
         if (!intervalID) return;
-        document.cookie = name + '=; expires=Thu, 01 Jan 1970 00:00:00 GMT';
+        document.cookie = name + '=; expires=Thu, 01 Jan 1970 00:00:00 GMT; sameSite=strict';
         clearInterval(intervalID);
         intervalID = null;
     };