fix: Some cookies are misusing the recommended “SameSite“ attribute (#…

…3106) * fix: Some cookies are misusing the recommended “SameSite“ attribute * Fix: Set correct value when value is undefined * Fix getter error --------- Co-authored-by: binarygit <[email protected]>
avo-hq · Aug 8, 2024 · 738b031 · 738b031
1 parent 289ea0a
commit 738b031
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 9 deletions.
diff --git a/app/controllers/avo/application_controller.rb b/app/controllers/avo/application_controller.rb
@@ -292,13 +292,8 @@ def set_force_locale(&action)
     end
 
     def set_sidebar_open
-      value = if cookies["#{Avo::COOKIES_KEY}.sidebar.open"].nil?
-        cookies["#{Avo::COOKIES_KEY}.sidebar.open"] = "1"
-      else
-        cookies["#{Avo::COOKIES_KEY}.sidebar.open"]
-      end
-
-      @sidebar_open = value == "1"
+      value = cookies["#{Avo::COOKIES_KEY}.sidebar.open"]
+      @sidebar_open = value.blank? || value == "1"
     end
 
     # Set the current host for ActiveStorage

diff --git a/app/javascript/js/controllers/sidebar_controller.js b/app/javascript/js/controllers/sidebar_controller.js
@@ -87,8 +87,8 @@ export default class extends Controller {
       this.sidebarTarget.classList.remove('hidden')
     }
     this.mainAreaTarget.classList.toggle('sidebar-open')
-    const value = Cookies.get(this.cookieKey)
-    Cookies.set(this.cookieKey, value === '1' ? '0' : '1')
+
+    Cookies.set(this.cookieKey, this.newValue(Cookies.get(this.cookieKey)))
   }
 
   toggleSidebarOnMobile() {
@@ -104,4 +104,13 @@ export default class extends Controller {
     }
     this.mainAreaTarget.classList.toggle('sidebar-open')
   }
+
+  // private
+  newValue(oldValue) {
+    if (oldValue === undefined) {
+      return '0'
+    }
+    return oldValue === '1' ? '0' : '1'
+  }
+
 }