From d1abbd02906424f87b687ffde1f5ac8db457d7eb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 22 Apr 2025 12:35:14 +0200
Subject: [chore]: Bump github.com/gin-contrib/sessions from 1.0.2 to 1.0.3
 (#4033)

Bumps [github.com/gin-contrib/sessions](https://github.com/gin-contrib/sessions) from 1.0.2 to 1.0.3.
- [Release notes](https://github.com/gin-contrib/sessions/releases)
- [Changelog](https://github.com/gin-contrib/sessions/blob/master/.goreleaser.yaml)
- [Commits](https://github.com/gin-contrib/sessions/compare/v1.0.2...v1.0.3)

---
updated-dependencies:
- dependency-name: github.com/gin-contrib/sessions
  dependency-version: 1.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 vendor/github.com/gorilla/sessions/store.go | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

(limited to 'vendor/github.com/gorilla/sessions/store.go')

diff --git a/vendor/github.com/gorilla/sessions/store.go b/vendor/github.com/gorilla/sessions/store.go
index aea37e4b5..24db822b9 100644
--- a/vendor/github.com/gorilla/sessions/store.go
+++ b/vendor/github.com/gorilla/sessions/store.go
@@ -14,6 +14,11 @@ import (
 	"github.com/gorilla/securecookie"
 )
 
+const (
+	// File name prefix for session files.
+	sessionFilePrefix = "session_"
+)
+
 // Store is an interface for custom session stores.
 //
 // See CookieStore and FilesystemStore for examples.
@@ -49,8 +54,10 @@ func NewCookieStore(keyPairs ...[]byte) *CookieStore {
 	cs := &CookieStore{
 		Codecs: securecookie.CodecsFromPairs(keyPairs...),
 		Options: &Options{
-			Path:   "/",
-			MaxAge: 86400 * 30,
+			Path:     "/",
+			MaxAge:   86400 * 30,
+			SameSite: http.SameSiteNoneMode,
+			Secure:   true,
 		},
 	}
 
@@ -257,7 +264,7 @@ func (s *FilesystemStore) save(session *Session) error {
 	if err != nil {
 		return err
 	}
-	filename := filepath.Join(s.path, "session_"+session.ID)
+	filename := filepath.Join(s.path, sessionFilePrefix+filepath.Base(session.ID))
 	fileMutex.Lock()
 	defer fileMutex.Unlock()
 	return os.WriteFile(filename, []byte(encoded), 0600)
@@ -265,7 +272,7 @@ func (s *FilesystemStore) save(session *Session) error {
 
 // load reads a file and decodes its content into session.Values.
 func (s *FilesystemStore) load(session *Session) error {
-	filename := filepath.Join(s.path, "session_"+session.ID)
+	filename := filepath.Join(s.path, sessionFilePrefix+filepath.Base(session.ID))
 	fileMutex.RLock()
 	defer fileMutex.RUnlock()
 	fdata, err := os.ReadFile(filepath.Clean(filename))
@@ -281,7 +288,7 @@ func (s *FilesystemStore) load(session *Session) error {
 
 // delete session file
 func (s *FilesystemStore) erase(session *Session) error {
-	filename := filepath.Join(s.path, "session_"+session.ID)
+	filename := filepath.Join(s.path, sessionFilePrefix+filepath.Base(session.ID))
 
 	fileMutex.RLock()
 	defer fileMutex.RUnlock()
-- 
cgit v1.2.3