From 63cea30af34dcfb7810338772e3c72ed32b47251 Mon Sep 17 00:00:00 2001
From: Willy Kloucek <wkloucek@owncloud.com>
Date: Wed, 5 May 2021 13:07:12 +0200
Subject: [PATCH] change samesite settings for web

---
 changelog/unreleased/web-samesite.md | 5 +++++
 web/pkg/service/v0/service.go        | 1 +
 2 files changed, 6 insertions(+)
 create mode 100644 changelog/unreleased/web-samesite.md

diff --git a/changelog/unreleased/web-samesite.md b/changelog/unreleased/web-samesite.md
new file mode 100644
index 000000000..bb4b5e738
--- /dev/null
+++ b/changelog/unreleased/web-samesite.md
@@ -0,0 +1,5 @@
+Enhancement: Set SameSite settings to Strict for Web
+
+Changed SameSite settings to Strict for Web to prevent warnings in Firefox
+
+https://github.com/owncloud/ocis/pull/2019
diff --git a/web/pkg/service/v0/service.go b/web/pkg/service/v0/service.go
index 20621ae36..1ef7d1137 100644
--- a/web/pkg/service/v0/service.go
+++ b/web/pkg/service/v0/service.go
@@ -177,6 +177,7 @@ func (p Web) Static(ttl int) http.HandlerFunc {
 		w.Header().Set("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate, value")
 		w.Header().Set("Expires", "Thu, 01 Jan 1970 00:00:00 GMT")
 		w.Header().Set("Last-Modified", time.Now().UTC().Format(http.TimeFormat))
+		w.Header().Set("SameSite", "Strict")
 
 		static.ServeHTTP(w, r)
 	}