From 72911e41bb825f7b3e31eba816c0f38a1a28b08d Mon Sep 17 00:00:00 2001
From: bjoern-m <bjoern.mueller@hanko.io>
Date: Fri, 13 Dec 2024 12:57:21 +0100
Subject: [PATCH] chore: add same site attribute to the device trust cookie

---
 .../flow_api/flow/device_trust/hook_issue_trust_device_cookie.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/backend/flow_api/flow/device_trust/hook_issue_trust_device_cookie.go b/backend/flow_api/flow/device_trust/hook_issue_trust_device_cookie.go
index 7a83d1017..e1517a86b 100644
--- a/backend/flow_api/flow/device_trust/hook_issue_trust_device_cookie.go
+++ b/backend/flow_api/flow/device_trust/hook_issue_trust_device_cookie.go
@@ -60,6 +60,7 @@ func (h IssueTrustDeviceCookie) Execute(c flowpilot.HookExecutionContext) error
 	cookie.HttpOnly = true
 	cookie.Secure = true
 	cookie.MaxAge = maxAge
+	cookie.SameSite = http.SameSiteNoneMode
 
 	deps.HttpContext.SetCookie(cookie)