From f94406a087079bfa5a924cc8095ba753160e885c Mon Sep 17 00:00:00 2001
From: ali <anio@users.noreply.github.com>
Date: Mon, 20 Jan 2020 07:12:44 +0000
Subject: [PATCH] Added support for SameSite cookie flag (#1615)

* Added support for SameSite cookie flag

* fixed tests.

* Update context.go

* Update context_test.go

* Update context_test.go

Co-authored-by: thinkerou <thinkerou@gmail.com>
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
---
 context.go      | 3 ++-
 context_test.go | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/context.go b/context.go
index e979d288..ee202d1e 100644
--- a/context.go
+++ b/context.go
@@ -775,7 +775,7 @@ func (c *Context) GetRawData() ([]byte, error) {
 // SetCookie adds a Set-Cookie header to the ResponseWriter's headers.
 // The provided cookie must have a valid Name. Invalid cookies may be
 // silently dropped.
-func (c *Context) SetCookie(name, value string, maxAge int, path, domain string, secure, httpOnly bool) {
+func (c *Context) SetCookie(name, value string, maxAge int, path, domain string, sameSite http.SameSite, secure, httpOnly bool) {
 	if path == "" {
 		path = "/"
 	}
@@ -785,6 +785,7 @@ func (c *Context) SetCookie(name, value string, maxAge int, path, domain string,
 		MaxAge:   maxAge,
 		Path:     path,
 		Domain:   domain,
+		SameSite: sameSite,
 		Secure:   secure,
 		HttpOnly: httpOnly,
 	})
diff --git a/context_test.go b/context_test.go
index 18709d3d..df2d9543 100644
--- a/context_test.go
+++ b/context_test.go
@@ -602,14 +602,14 @@ func TestContextPostFormMultipart(t *testing.T) {
 
 func TestContextSetCookie(t *testing.T) {
 	c, _ := CreateTestContext(httptest.NewRecorder())
-	c.SetCookie("user", "gin", 1, "/", "localhost", true, true)
-	assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure", c.Writer.Header().Get("Set-Cookie"))
+	c.SetCookie("user", "gin", 1, "/", "localhost", http.SameSiteLaxMode, true, true)
+	assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
 }
 
 func TestContextSetCookiePathEmpty(t *testing.T) {
 	c, _ := CreateTestContext(httptest.NewRecorder())
-	c.SetCookie("user", "gin", 1, "", "localhost", true, true)
-	assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure", c.Writer.Header().Get("Set-Cookie"))
+	c.SetCookie("user", "gin", 1, "", "localhost", http.SameSiteLaxMode, true, true)
+	assert.Equal(t, "user=gin; Path=/; Domain=localhost; Max-Age=1; HttpOnly; Secure; SameSite=Lax", c.Writer.Header().Get("Set-Cookie"))
 }
 
 func TestContextGetCookie(t *testing.T) {