From 9f7550938b01ad480bd1e63240fbf5b3bb0af5b1 Mon Sep 17 00:00:00 2001
From: Mickael Kerjean <mickael@kerjean.me>
Date: Sat, 16 Jul 2022 18:59:53 +1000
Subject: [PATCH] fix (iframe): proof cookie should be iframe friendly

before this commit, we couldn't embed a shared link protected by a
password as it would show the following error: "Unauthorized Shared
space".
---
 server/ctrl/share.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/ctrl/share.go b/server/ctrl/share.go
index 81dafcc7..c624f30b 100644
--- a/server/ctrl/share.go
+++ b/server/ctrl/share.go
@@ -179,7 +179,8 @@ func ShareVerifyProof(ctx App, res http.ResponseWriter, req *http.Request) {
 		Path:     COOKIE_PATH,
 		MaxAge:   60 * 60 * 24 * 30,
 		HttpOnly: true,
-		SameSite: http.SameSiteStrictMode,
+		SameSite: http.SameSiteNoneMode,
+		Secure:   true,
 	}
 	http.SetCookie(res, &cookie)