Development adjustments

conmascheetos · conmascheetos · commit 462efc80011f · 2023-03-08T20:16:39.000-06:00
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,10 @@
+FROM alpine:latest
+RUN adduser -D -h /home/coder -s /bin/bash coder
+RUN apk update; apk add vim bash
+USER coder
+COPY build/coder_0.17.4-devel+????????_linux_arm64 /home/coder/coder
+WORKDIR /home/coder/
+ENTRYPOINT ["./coder", "server"]
+
+# An example
+# docker run --rm -it -p 4000:4000 -e CODER_ACCESS_URL="http://localhost:4000" coder_custom
diff --git a/coderd/apikey.go b/coderd/apikey.go
@@ -369,7 +369,7 @@ func (api *API) createAPIKey(ctx context.Context, params createAPIKeyParams) (*h
 		Value:    sessionToken,
 		Path:     "/",
 		HttpOnly: true,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSiteNoneMode,
 		Secure:   api.SecureAuthCookie,
 	}, &key, nil
 }
diff --git a/coderd/httpmw/csrf.go b/coderd/httpmw/csrf.go
@@ -15,7 +15,7 @@ import (
 func CSRF(secureCookie bool) func(next http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		mw := nosurf.New(next)
-		mw.SetBaseCookie(http.Cookie{Path: "/", HttpOnly: true, SameSite: http.SameSiteLaxMode, Secure: secureCookie})
+		mw.SetBaseCookie(http.Cookie{Path: "/", HttpOnly: true, SameSite: http.SameSiteNoneMode, Secure: secureCookie})
 		mw.SetFailureHandler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			http.Error(w, "Something is wrong with your CSRF token. Please refresh the page. If this error persists, try clearing your cookies.", http.StatusBadRequest)
 		}))
diff --git a/coderd/httpmw/oauth2.go b/coderd/httpmw/oauth2.go
@@ -75,7 +75,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
 					Value:    state,
 					Path:     "/",
 					HttpOnly: true,
-					SameSite: http.SameSiteLaxMode,
+					SameSite: http.SameSiteNoneMode,
 				})
 				// Redirect must always be specified, otherwise
 				// an old redirect could apply!
@@ -84,7 +84,7 @@ func ExtractOAuth2(config OAuth2Config, client *http.Client) func(http.Handler)
 					Value:    r.URL.Query().Get("redirect"),
 					Path:     "/",
 					HttpOnly: true,
-					SameSite: http.SameSiteLaxMode,
+					SameSite: http.SameSiteNoneMode,
 				})
 
 				http.Redirect(rw, r, config.AuthCodeURL(state, oauth2.AccessTypeOffline), http.StatusTemporaryRedirect)
diff --git a/coderd/workspaceapps.go b/coderd/workspaceapps.go
@@ -664,7 +664,7 @@ func (api *API) setWorkspaceAppCookie(rw http.ResponseWriter, r *http.Request, t
 		Path:     "/",
 		MaxAge:   maxAge,
 		HttpOnly: true,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSiteNoneMode,
 		Secure:   api.SecureAuthCookie,
 	})
 
diff --git a/site/site.go b/site/site.go
@@ -352,7 +352,6 @@ func cspHeaders(next http.Handler) http.Handler {
 			_, _ = fmt.Fprintf(&csp, "%s %s; ", src, strings.Join(vals, " "))
 		}
 
-		w.Header().Set("Content-Security-Policy", csp.String())
 		next.ServeHTTP(w, r)
 	})
 }

Original file line number	Diff line number	Diff line change
`@@ -369,7 +369,7 @@ func (api API) createAPIKey(ctx context.Context, params createAPIKeyParams) (h`
`369`	`369`	`Value: sessionToken,`
`370`	`370`	`Path: "/",`
`371`	`371`	`HttpOnly: true,`
`372`		`- SameSite: http.SameSiteLaxMode,`
	`372`	`+ SameSite: http.SameSiteNoneMode,`
`373`	`373`	`Secure: api.SecureAuthCookie,`
`374`	`374`	`}, &key, nil`
`375`	`375`	`}`
Original file line number	Diff line number	Diff line change
`@@ -352,7 +352,6 @@ func cspHeaders(next http.Handler) http.Handler {`
`352`	`352`	`_, _ = fmt.Fprintf(&csp, "%s %s; ", src, strings.Join(vals, " "))`
`353`	`353`	`}`
`354`	`354`
`355`		`- w.Header().Set("Content-Security-Policy", csp.String())`
`356`	`355`	`next.ServeHTTP(w, r)`
`357`	`356`	`})`
`358`	`357`	`}`