Skip to content

Commit

Permalink
Set PCC-GRANT cookie very permissively
Browse files Browse the repository at this point in the history
  • Loading branch information
@kevinstubbs
kevinstubbs committed Jul 2, 2024
1 parent 321b747 commit 87fdf27
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 2 deletions.
5 changes: 5 additions & 0 deletions .changeset/young-maps-fly.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@pantheon-systems/pcc-sdk-core": patch
---

PCC-GRANT (preview token) cookie now set with most relaxed security so that preview-pages can be shown in iframes.
2 changes: 1 addition & 1 deletion .github/workflows/changeset.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: checkout code repository
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: setup node.js
Expand Down
2 changes: 1 addition & 1 deletion packages/core/src/core/pantheon-api.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -127,7 +127,7 @@ export const PantheonAPI = (givenOptions?: PantheonAPIOptions) => {

// Set or delete the PCC-GRANT cookie.
if (pccGrant) {
await setCookie(res, `PCC-GRANT=${pccGrant}; Path=/; SameSite=Lax`);
await setCookie(res, `PCC-GRANT=${pccGrant}; Path=/; SameSite=None;Secure;`);

Check failure on line 130 in packages/core/src/core/pantheon-api.ts

View workflow job for this annotation

GitHub Actions / lint 

Replace `res,·`PCC-GRANT=${pccGrant};·Path=/;·SameSite=None;Secure;`` with `⏎········res,⏎········`PCC-GRANT=${pccGrant};·Path=/;·SameSite=None;Secure;`,⏎······`
} else if (
options?.getSiteId != null &&
req.cookies?.["PCC-GRANT"] != null
Expand Down

0 comments on commit 87fdf27

Please sign in to comment.