Don't set Cookie to Secure if not using https

Cacti · Dec 9, 2024 · fa72f83 · fa72f83
1 parent 257df95
commit fa72f83
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/include/layout.js b/include/layout.js
@@ -3838,7 +3838,7 @@ function checkForLogout(data) {
 }
 
 function setCactiTabCookie() {
-	document.cookie = 'CactiTab=' + sessionStorage.tab + '; SameSite=None; Max-Age: -1; Secure; Path=' + urlPath;
+	document.cookie = 'CactiTab=' + sessionStorage.tab + '; Max-Age: -1;' + (window.location.protocol === 'https:' ? ' SameSite=None; Secure;' : ' SameSite=Strict;') +' Path=' + urlPath;
 }
 
 function checkForRedirects(data, href) {