bug: fix cookie behaviour across subdomains

zenodo · Apr 2, 2024 · 357feac · 357feac
1 parent fda5c1d
commit 357feac
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/content/about/cookie-policy/contents.lr b/content/about/cookie-policy/contents.lr
@@ -145,7 +145,7 @@ $('#withdraw-consent')
 function unsetCookie(cname) {
     var expires = "expires=Thu, 01 Jan 1970 00:00:00 UTC";
     var cookie = cname + "=;" + expires + ";"
-    cookie += "path=.zenodo.org;SameSite=None; Secure";
+    cookie += "Domain=zenodo.org;Path=/;SameSite=None; Secure";
     document.cookie = cookie;
 }
 </script>
diff --git a/templates/macros/cookie-banner.html b/templates/macros/cookie-banner.html
@@ -94,7 +94,7 @@
     d.setTime(d.getTime() + (365 * 24 * 60 * 60 * 1000)); // one year
     var expires = "expires=" + d.toUTCString();
     var cookie = cname + "=" + cvalue + ";" + expires + ";"
-    cookie += "path=.zenodo.org;SameSite=None; Secure"; // so that it works across subdomains
+    cookie += "Domain=zenodo.org;Path=/;SameSite=None; Secure"; // so that it works across subdomains
     document.cookie = cookie;
 }
 </script>