From 958e9de84e796b41fcc1a2fcbe617b1b04458f11 Mon Sep 17 00:00:00 2001
From: Sean Morley
Date: Wed, 27 Nov 2024 11:25:33 -0500
Subject: [PATCH] Enhance cookie management: set SameSite attribute for locale and theme cookies, and add comments for clarity
---
 frontend/src/lib/components/Navbar.svelte | 2 +-
 frontend/src/routes/+page.server.ts | 9 +++++----
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/frontend/src/lib/components/Navbar.svelte b/frontend/src/lib/components/Navbar.svelte
index d0e15e2..ce0bb86 100644
--- a/frontend/src/lib/components/Navbar.svelte
+++ b/frontend/src/lib/components/Navbar.svelte
@@ -24,7 +24,7 @@
 const submitLocaleChange = (event: Event) => {
 const select = event.target as HTMLSelectElement;
 const newLocale = select.value;
- document.cookie = `locale=${newLocale}; path=/`;
+ document.cookie = `locale=${newLocale}; path=/; max-age=${60 * 60 * 24 * 365}; SameSite=Lax`;
 locale.set(newLocale);
 window.location.reload();
 };
diff --git a/frontend/src/routes/+page.server.ts b/frontend/src/routes/+page.server.ts
index 93de50a..c45b004 100644
--- a/frontend/src/routes/+page.server.ts
+++ b/frontend/src/routes/+page.server.ts
@@ -11,7 +11,8 @@ export const actions: Actions = {
 if (theme && themes.find((t) => t.name === theme)) {
 cookies.set('colortheme', theme, {
 path: '/',
- maxAge: 60 * 60 * 24 * 365
+ maxAge: 60 * 60 * 24 * 365, // 1 year
+ sameSite: 'lax'
 });
 }
 },
@@ -39,11 +40,11 @@ export const actions: Actions = {
 },
 setLocale: async ({ url, cookies }) => {
 const locale = url.searchParams.get('locale');
- // change the theme only if it is one of the allowed themes
- if (locale && ['en', 'es'].includes(locale)) {
+ // change the locale only if it is one of the allowed locales
+ if (locale) {
 cookies.set('locale', locale, {
 path: '/',
- maxAge: 60 * 60 * 24 * 365
+ maxAge: 60 * 60 * 24 * 365 // 1 year
 });
 }
 }
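Review bot: `newLocale` goes into the cookie string unencoded on the added `document.cookie` line, so a value containing `;` would be parsed as extra cookie attributes rather than as part of the locale. The value comes from the `<select>` and is normally one of the app's own options, so the exposure is small, but `locale=${encodeURIComponent(newLocale)}` keeps the write well-formed whatever the DOM holds. If the `setLocale` server action is also used to set this cookie, its `cookies.set` call relies on SvelteKit's defaults, which include `httpOnly`, and browsers ignore script writes over an HttpOnly cookie, so it is worth confirming that only one of the two paths writes `locale`.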
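Review bot: `setLocale` now stores whatever the `locale` query parameter contains in a one-year cookie, because the new condition is only `if (locale)` while the comment directly above it still says the value is checked against the allowed locales. Whatever reads that cookie later (presumably the i18n loader, not visible here) then receives a caller-chosen string, so keep an allow-list check such as `if (locale && supportedLocales.includes(locale)) {`, where `supportedLocales` is a placeholder for wherever the app lists its locales, in the same way `colortheme` is checked against `themes`. The commit subject also says SameSite is set for the locale cookie, yet this `cookies.set` call gains only the `// 1 year` comment; add `sameSite: 'lax'` here if it is meant to match `colortheme`. The `actions` object opens and continues outside the hunk.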