🔄 synced local 'content/2.nuxt-auth/' with remote 'docs/content/' (#139)

Co-authored-by: sideborg <null>
sidebase · Aug 9, 2023 · a82cf37 · a82cf37
1 parent 2078495
commit a82cf37
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/content/2.nuxt-auth/v0.6/2.configuration/2.nuxt-config.md b/content/2.nuxt-auth/v0.6/2.configuration/2.nuxt-config.md
@@ -206,6 +206,15 @@ type ProviderLocal = {
      * Note: Your backend may reject / expire the token earlier / differently.
      */
     maxAgeInSeconds?: number,
+    /**
+     * The cookie sameSite policy. Can be used as a form of csrf forgery protection. If set to `strict`, the cookie will only be passed with requests to the same 'site'. Typically, this includes subdomains. So, a sameSite: strict cookie set by app.mysite.com will be passed to api.mysite.com, but not api.othersite.com. 
+     *
+     * See the specification here: https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis-03#section-4.1.2.7
+     *
+     * @default 'lax'
+     * @example 'strict'
+     */
+     sameSiteAttribute?:  boolean | 'lax' | 'strict' | 'none' | undefined,
   },
   /**
    * Define an interface for the session data object that `nuxt-auth` expects to receive from the `getSession` endpoint.