summaryrefslogtreecommitdiffstats
path: root/registry/registry.c
diff options
context:
space:
mode:
Diffstat (limited to 'registry/registry.c')
-rw-r--r--registry/registry.c19
1 files changed, 17 insertions, 2 deletions
diff --git a/registry/registry.c b/registry/registry.c
index b14f4ee4a..8148745fe 100644
--- a/registry/registry.c
+++ b/registry/registry.c
@@ -23,7 +23,7 @@ static inline void registry_unlock(void) {
// COOKIES
static void registry_set_cookie(struct web_client *w, const char *guid) {
- char edate[100];
+ char edate[100], domain[512];
time_t et = now_realtime_sec() + registry.persons_expiration;
struct tm etmbuf, *etm = gmtime_r(&et, &etmbuf);
strftime(edate, sizeof(edate), "%a, %d %b %Y %H:%M:%S %Z", etm);
@@ -31,7 +31,22 @@ static void registry_set_cookie(struct web_client *w, const char *guid) {
snprintfz(w->cookie1, NETDATA_WEB_REQUEST_COOKIE_SIZE, NETDATA_REGISTRY_COOKIE_NAME "=%s; Expires=%s", guid, edate);
if(registry.registry_domain && registry.registry_domain[0])
- snprintfz(w->cookie2, NETDATA_WEB_REQUEST_COOKIE_SIZE, NETDATA_REGISTRY_COOKIE_NAME "=%s; Domain=%s; Expires=%s", guid, registry.registry_domain, edate);
+ snprintfz(domain, 511, "Domain=%s", registry.registry_domain);
+ else
+ domain[0]='\0';
+
+ int length = snprintfz(w->cookie2, NETDATA_WEB_REQUEST_COOKIE_SIZE,
+ NETDATA_REGISTRY_COOKIE_NAME "=%s; Expires=%s; %s",
+ guid, edate, domain);
+
+ size_t remaining_length = NETDATA_WEB_REQUEST_COOKIE_SIZE - length;
+ // 25 is the necessary length to add new cookies
+ if (registry.enable_cookies_samesite_secure) {
+ if (length > 0 && remaining_length > 25)
+ snprintfz(&w->cookie2[length], remaining_length, "; SameSite=None; Secure");
+ else
+ error("Netdata does not have enough space to store cookies SameSite and Secure");
+ }
}
static inline void registry_set_person_cookie(struct web_client *w, REGISTRY_PERSON *p) {