From 423ef8d36fb125051b562bd03cfdd6da28db8d7f Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov" <faf@oits.ru>
Date: Tue, 24 Aug 2021 17:22:52 +0300
Subject: [PATCH] Set cookies on the client side as secure and safe to set as
 third party if possible

---
 src/mibew/js/source/chat_popup.js | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/src/mibew/js/source/chat_popup.js b/src/mibew/js/source/chat_popup.js
index 891756d5..4b3aa306 100644
--- a/src/mibew/js/source/chat_popup.js
+++ b/src/mibew/js/source/chat_popup.js
@@ -57,11 +57,14 @@ var Mibew = Mibew || {};
      * omitted a session cookie will be created.
      */
     Mibew.Utils.createCookie = function(name, value, expires) {
-        var domain = /([^\.]+\.[^\.]+)$/.exec(document.location.hostname);
-        document.cookie = "" + name + "=" + value + "; "
-            + "path=/; "
-            + (domain ? ("domain=" + domain[1] + "; ") : '')
-            + (expires ?  ('expires=' + expires.toUTCString() + '; ') : '');
+        if (navigator.cookieEnabled) {
+            var domain = /([^\.]+\.[^\.]+)$/.exec(document.location.hostname);
+            document.cookie = "" + name + "=" + value + "; "
+                + "path=/; "
+                + (document.location.protocol == 'https:' ? "SameSite=None; secure; " : '')
+                + (domain ? ("domain=" + domain[1] + "; ") : '')
+                + (expires ?  ('expires=' + expires.toUTCString() + '; ') : '');
+        }
     };
 
     /**