From 96bebe8c79914d4a32d5a00d505a845d9cb4ca2b Mon Sep 17 00:00:00 2001
From: Zankaria <zankaria.auxa@mailu.io>
Date: Sat, 11 May 2024 12:44:16 +0200
Subject: [PATCH] post.php: fix broken JS cookie setting

---
 post.php | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/post.php b/post.php
index 8fe7354f..7babb04e 100644
--- a/post.php
+++ b/post.php
@@ -1321,14 +1321,22 @@ if (isset($_POST['delete'])) {
 
 	if (isset($_SERVER['HTTP_REFERER'])) {
 		// Tell Javascript that we posted successfully
-		if (isset($_COOKIE[$config['cookies']['js']]))
+		if (isset($_COOKIE[$config['cookies']['js']])) {
 			$js = json_decode($_COOKIE[$config['cookies']['js']]);
-		else
-			$js = (object) array();
+		} else {
+			$js = (object)array();
+		}
 		// Tell it to delete the cached post for referer
 		$js->{$_SERVER['HTTP_REFERER']} = true;
-		// Encode and set cookie
-		setcookie($config['cookies']['js'], json_encode($js), 0, $config['cookies']['jail'] ? $config['cookies']['path'] : '/', null, false, false);
+
+		// Encode and set cookie.
+		$options = [
+			'expires' => 0,
+			'path' => $config['cookies']['jail'] ? $config['cookies']['path'] : '/',
+			'httponly' => false,
+			'samesite' => 'Strict'
+		];
+		setcookie($config['cookies']['js'], json_encode($js), $options);
 	}
 
 	$root = $post['mod'] ? $config['root'] . $config['file_mod'] . '?/' : $config['root'];