From d8f6dead2b74ec71bd7ac078f365c88b8bd0900a Mon Sep 17 00:00:00 2001
From: Eric Schultz <eric@startuperic.com>
Date: Thu, 21 Jan 2021 11:28:57 -0700
Subject: [PATCH] fix: login prompt when switching between servers

---
 plugins/dynamix/include/local_prepend.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugins/dynamix/include/local_prepend.php b/plugins/dynamix/include/local_prepend.php
index c9a9c3128..20a9c20a2 100644
--- a/plugins/dynamix/include/local_prepend.php
+++ b/plugins/dynamix/include/local_prepend.php
@@ -24,7 +24,8 @@ setlocale(LC_ALL,'en_US.UTF-8');
 date_default_timezone_set(substr(readlink('/etc/localtime-copied-from'),20));
 ini_set("session.use_strict_mode", "1");
 session_name("unraid_".md5(strstr($_SERVER['HTTP_HOST'].':', ':', true)));
-session_set_cookie_params(0, '/; samesite=strict', null, array_key_exists('HTTPS', $_SERVER), true);
+$secure = array_key_exists('HTTPS', $_SERVER);
+session_set_cookie_params(0, '/; samesite='.$secure?'strict':'lax', null, $secure, true);
 if ($_SERVER['SCRIPT_NAME'] != '/login.php' && $_SERVER['SCRIPT_NAME'] != '/auth_request.php' && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
     if (!isset($var)) $var = parse_ini_file('state/var.ini');
     if (!isset($var['csrf_token'])) csrf_terminate("uninitialized");